{"id":"https://openalex.org/W1984421781","doi":"https://doi.org/10.1145/2422498.2422500","title":"Architecting a security strategy measurement and management system","display_name":"Architecting a security strategy measurement and management system","publication_year":2012,"publication_date":"2012-10-01","ids":{"openalex":"https://openalex.org/W1984421781","doi":"https://doi.org/10.1145/2422498.2422500","mag":"1984421781"},"language":"en","primary_location":{"id":"doi:10.1145/2422498.2422500","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2422498.2422500","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Workshop on Model-Driven Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5048729364","display_name":"Roland Rieke","orcid":"https://orcid.org/0000-0003-3461-0520"},"institutions":[{"id":"https://openalex.org/I4210133470","display_name":"Fraunhofer Institute for Secure Information Technology","ror":"https://ror.org/03qt2gs44","country_code":"DE","type":"facility","lineage":["https://openalex.org/I4210133470","https://openalex.org/I4923324"]},{"id":"https://openalex.org/I4923324","display_name":"Fraunhofer Society","ror":"https://ror.org/05hkkdn48","country_code":"DE","type":"funder","lineage":["https://openalex.org/I4923324"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Roland Rieke","raw_affiliation_strings":["Fraunhofer Institute SIT, Darmstadt, Germany","Fraunhofer Institute SIT, Darmstadt, Germany#TAB#"],"affiliations":[{"raw_affiliation_string":"Fraunhofer Institute SIT, Darmstadt, Germany","institution_ids":["https://openalex.org/I4210133470"]},{"raw_affiliation_string":"Fraunhofer Institute SIT, Darmstadt, Germany#TAB#","institution_ids":["https://openalex.org/I4923324"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5007691919","display_name":"Julian Sch\u00fctte","orcid":"https://orcid.org/0000-0002-3007-6538"},"institutions":[{"id":"https://openalex.org/I4210136922","display_name":"Fraunhofer Institute for Applied and Integrated Security","ror":"https://ror.org/03w0bbr97","country_code":"DE","type":"facility","lineage":["https://openalex.org/I4210136922","https://openalex.org/I4923324"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Julian Sch\u00fctte","raw_affiliation_strings":["Fraunhofer Institution AISEC, Garching, Germany"],"affiliations":[{"raw_affiliation_string":"Fraunhofer Institution AISEC, Garching, Germany","institution_ids":["https://openalex.org/I4210136922"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5078151248","display_name":"Andrew Hutchison","orcid":"https://orcid.org/0000-0002-9707-3286"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Andrew Hutchison","raw_affiliation_strings":["T-Systems South Africa, Bellville, Cape Town, South Africa"],"affiliations":[{"raw_affiliation_string":"T-Systems South Africa, Bellville, Cape Town, South Africa","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5048729364"],"corresponding_institution_ids":["https://openalex.org/I4210133470","https://openalex.org/I4923324"],"apc_list":null,"apc_paid":null,"fwci":1.4211,"has_fulltext":false,"cited_by_count":7,"citation_normalized_percentile":{"value":0.86478523,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"6"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10639","display_name":"Advanced Software Engineering Methodologies","score":0.9961000084877014,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10679","display_name":"Service-Oriented Architecture and Web Services","score":0.995199978351593,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7645946145057678},{"id":"https://openalex.org/keywords/computer-security-model","display_name":"Computer security model","score":0.6610710620880127},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.5131548047065735},{"id":"https://openalex.org/keywords/enforcement","display_name":"Enforcement","score":0.48142120242118835},{"id":"https://openalex.org/keywords/extensibility","display_name":"Extensibility","score":0.4715718626976013},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.4570470154285431},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.4304141104221344},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.4212830066680908},{"id":"https://openalex.org/keywords/process-management","display_name":"Process management","score":0.4058607816696167},{"id":"https://openalex.org/keywords/software-engineering","display_name":"Software engineering","score":0.4001964032649994},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.40001875162124634},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.3844670057296753},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.25971248745918274},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.1271950900554657},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.1019134521484375}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7645946145057678},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.6610710620880127},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.5131548047065735},{"id":"https://openalex.org/C2779777834","wikidata":"https://www.wikidata.org/wiki/Q4202277","display_name":"Enforcement","level":2,"score":0.48142120242118835},{"id":"https://openalex.org/C32833848","wikidata":"https://www.wikidata.org/wiki/Q4115054","display_name":"Extensibility","level":2,"score":0.4715718626976013},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.4570470154285431},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.4304141104221344},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.4212830066680908},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.4058607816696167},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.4001964032649994},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.40001875162124634},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.3844670057296753},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.25971248745918274},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.1271950900554657},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.1019134521484375},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C71924100","wikidata":"https://www.wikidata.org/wiki/Q11190","display_name":"Medicine","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/2422498.2422500","is_oa":false,"landing_page_url":"https://doi.org/10.1145/2422498.2422500","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the Workshop on Model-Driven Security","raw_type":"proceedings-article"},{"id":"pmh:oai:publica.fraunhofer.de:publica/377962","is_oa":false,"landing_page_url":"https://publica.fraunhofer.de/handle/publica/377962","pdf_url":null,"source":{"id":"https://openalex.org/S4306400318","display_name":"Fraunhofer-Publica (Fraunhofer-Gesellschaft)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4923324","host_organization_name":"Fraunhofer-Gesellschaft","host_organization_lineage":["https://openalex.org/I4923324"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"conference paper"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.7699999809265137}],"awards":[],"funders":[{"id":"https://openalex.org/F4320320300","display_name":"European Commission","ror":"https://ror.org/00k4n6c32"},{"id":"https://openalex.org/F4320321469","display_name":"Bundesministerium f\u00fcr Wirtschaft und Technologie","ror":"https://ror.org/02vgg2808"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":18,"referenced_works":["https://openalex.org/W48058385","https://openalex.org/W80431902","https://openalex.org/W151629373","https://openalex.org/W1584467173","https://openalex.org/W1986795233","https://openalex.org/W2060288001","https://openalex.org/W2063704486","https://openalex.org/W2126145337","https://openalex.org/W2155887722","https://openalex.org/W2156352116","https://openalex.org/W2256845964","https://openalex.org/W2398000860","https://openalex.org/W2522338500","https://openalex.org/W2743037220","https://openalex.org/W2887317944","https://openalex.org/W2997998108","https://openalex.org/W3022562948","https://openalex.org/W4245142123"],"related_works":["https://openalex.org/W88610236","https://openalex.org/W2165898552","https://openalex.org/W2418642600","https://openalex.org/W2290724697","https://openalex.org/W2187486724","https://openalex.org/W1811024770","https://openalex.org/W2907868081","https://openalex.org/W2299494954","https://openalex.org/W1528506334","https://openalex.org/W2188404590"],"abstract_inverted_index":{"The":[0],"use":[1],"of":[2,47,62,82,115,125,158],"formal":[3],"models":[4,88],"to":[5,96,138],"guide":[6],"security":[7,19,65,117,131,140],"design":[8,51],"is":[9,37,107],"appealing.":[10],"This":[11,70],"paper":[12,71],"presents":[13],"a":[14,48,57,73,136],"model":[15,74,110,134,139],"driven":[16,75],"approach":[17,76,104],"whereby":[18],"systems":[20],"in":[21,56],"operation":[22,53],"can":[23,54,147],"be":[24,97,148],"assessed":[25],"and":[26,44,52,99,119,162],"measured":[27],"against":[28],"various":[29],"requirements":[30,46],"that":[31,59,111],"are":[32,67],"defined":[33],"when":[34],"the":[35,79,103,116,129],"system":[36],"created.":[38],"By":[39,123],"aligning":[40],"with":[41],"organisational":[42],"policy,":[43],"business":[45],"specific":[49,152],"system,":[50],"proceed":[55],"way":[58,137],"allows":[60],"measurement":[61],"how":[63],"successfully":[64],"objectives":[66],"being":[68],"achieved.":[69],"describes":[72],"which":[77,146],"overcomes":[78],"contextual":[80],"restrictions":[81],"existing":[83],"solutions.":[84],"In":[85],"particular,":[86],"where":[87],"have":[89,94],"been":[90],"used":[91],"previously":[92],"these":[93],"tended":[95],"predefined":[98],"closed":[100],"models,":[101],"whereas":[102],"described":[105],"here":[106],"an":[108,143,155],"extensible":[109],"comprises":[112],"all":[113],"parts":[114],"monitoring":[118],"decision":[120,160],"support":[121],"process.":[122],"means":[124],"interlinked":[126],"semantic":[127],"concepts,":[128],"proposed":[130],"strategy":[132],"meta":[133],"provides":[135],"directives":[141],"at":[142],"abstract":[144],"level,":[145],"automatically":[149],"compiled":[150],"into":[151],"rules":[153],"for":[154],"underlying":[156],"framework":[157],"monitoring,":[159],"support,":[161],"enforcement":[163],"engines.":[164]},"counts_by_year":[{"year":2024,"cited_by_count":1},{"year":2020,"cited_by_count":2},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":1},{"year":2015,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}