{"id":"https://openalex.org/W2075694432","doi":"https://doi.org/10.2298/csis101231014m","title":"An approach to assess and compare quality of security models","display_name":"An approach to assess and compare quality of security models","publication_year":2011,"publication_date":"2011-01-01","ids":{"openalex":"https://openalex.org/W2075694432","doi":"https://doi.org/10.2298/csis101231014m","mag":"2075694432"},"language":"en","primary_location":{"id":"doi:10.2298/csis101231014m","is_oa":true,"landing_page_url":"https://doi.org/10.2298/csis101231014m","pdf_url":"http://www.doiserbia.nb.rs/ft.aspx?id=1820-02141100014M","source":{"id":"https://openalex.org/S206939107","display_name":"Computer Science and Information Systems","issn_l":"1820-0214","issn":["1820-0214","2406-1018"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310321031","host_organization_name":"ComSIS Consortium","host_organization_lineage":["https://openalex.org/P4310321031"],"host_organization_lineage_names":["ComSIS Consortium"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computer Science and Information Systems","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"diamond","oa_url":"http://www.doiserbia.nb.rs/ft.aspx?id=1820-02141100014M","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5066884035","display_name":"Raimundas Matulevi\u010dius","orcid":"https://orcid.org/0000-0002-1829-4794"},"institutions":[{"id":"https://openalex.org/I56085075","display_name":"University of Tartu","ror":"https://ror.org/03z77qz90","country_code":"EE","type":"education","lineage":["https://openalex.org/I56085075"]}],"countries":["EE"],"is_corresponding":true,"raw_author_name":"Raimundas Matulevicius","raw_affiliation_strings":["Institute of Computer Science, University of Tartu, Tartu, Estonia","Institute of Computer Science, University of Tartu, Tartu, Estonia#TAB#"],"affiliations":[{"raw_affiliation_string":"Institute of Computer Science, University of Tartu, Tartu, Estonia","institution_ids":["https://openalex.org/I56085075"]},{"raw_affiliation_string":"Institute of Computer Science, University of Tartu, Tartu, Estonia#TAB#","institution_ids":["https://openalex.org/I56085075"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5078856374","display_name":"Henri Lakk","orcid":null},"institutions":[{"id":"https://openalex.org/I56085075","display_name":"University of Tartu","ror":"https://ror.org/03z77qz90","country_code":"EE","type":"education","lineage":["https://openalex.org/I56085075"]}],"countries":["EE"],"is_corresponding":false,"raw_author_name":"Henri Lakk","raw_affiliation_strings":["Institute of Computer Science, University of Tartu, Tartu, Estonia","Institute of Computer Science, University of Tartu, Tartu, Estonia#TAB#"],"affiliations":[{"raw_affiliation_string":"Institute of Computer Science, University of Tartu, Tartu, Estonia","institution_ids":["https://openalex.org/I56085075"]},{"raw_affiliation_string":"Institute of Computer Science, University of Tartu, Tartu, Estonia#TAB#","institution_ids":["https://openalex.org/I56085075"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5088373938","display_name":"Marion Lepmets","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Marion Lepmets","raw_affiliation_strings":["Centre for Public Research Henri Tudor - SSI, Luxembourg"],"affiliations":[{"raw_affiliation_string":"Centre for Public Research Henri Tudor - SSI, Luxembourg","institution_ids":[]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5066884035"],"corresponding_institution_ids":["https://openalex.org/I56085075"],"apc_list":null,"apc_paid":null,"fwci":5.5091,"has_fulltext":true,"cited_by_count":12,"citation_normalized_percentile":{"value":0.95545257,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":"8","issue":"2","first_page":"447","last_page":"476"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9994000196456909,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9991999864578247,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.998199999332428,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8602637052536011},{"id":"https://openalex.org/keywords/computer-security-model","display_name":"Computer security model","score":0.7165786027908325},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.6102420687675476},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.5984400510787964},{"id":"https://openalex.org/keywords/correctness","display_name":"Correctness","score":0.5624802112579346},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.5514824390411377},{"id":"https://openalex.org/keywords/security-through-obscurity","display_name":"Security through obscurity","score":0.5120937824249268},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.4526973068714142},{"id":"https://openalex.org/keywords/security-convergence","display_name":"Security convergence","score":0.45089271664619446},{"id":"https://openalex.org/keywords/security-engineering","display_name":"Security engineering","score":0.4492114186286926},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4349171221256256},{"id":"https://openalex.org/keywords/security-management","display_name":"Security management","score":0.4310110807418823},{"id":"https://openalex.org/keywords/sql-injection","display_name":"SQL injection","score":0.423283189535141},{"id":"https://openalex.org/keywords/quality","display_name":"Quality (philosophy)","score":0.41138195991516113},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.3918308615684509},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.2814761996269226},{"id":"https://openalex.org/keywords/query-by-example","display_name":"Query by Example","score":0.1125105619430542},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.11187279224395752},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.09590533375740051},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.08980664610862732}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8602637052536011},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.7165786027908325},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.6102420687675476},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.5984400510787964},{"id":"https://openalex.org/C55439883","wikidata":"https://www.wikidata.org/wiki/Q360812","display_name":"Correctness","level":2,"score":0.5624802112579346},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.5514824390411377},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.5120937824249268},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.4526973068714142},{"id":"https://openalex.org/C52420254","wikidata":"https://www.wikidata.org/wiki/Q7445028","display_name":"Security convergence","level":5,"score":0.45089271664619446},{"id":"https://openalex.org/C13159133","wikidata":"https://www.wikidata.org/wiki/Q365674","display_name":"Security engineering","level":5,"score":0.4492114186286926},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4349171221256256},{"id":"https://openalex.org/C83163435","wikidata":"https://www.wikidata.org/wiki/Q3954104","display_name":"Security management","level":2,"score":0.4310110807418823},{"id":"https://openalex.org/C150451098","wikidata":"https://www.wikidata.org/wiki/Q506059","display_name":"SQL injection","level":5,"score":0.423283189535141},{"id":"https://openalex.org/C2779530757","wikidata":"https://www.wikidata.org/wiki/Q1207505","display_name":"Quality (philosophy)","level":2,"score":0.41138195991516113},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.3918308615684509},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.2814761996269226},{"id":"https://openalex.org/C194222762","wikidata":"https://www.wikidata.org/wiki/Q114486","display_name":"Query by Example","level":4,"score":0.1125105619430542},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.11187279224395752},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.09590533375740051},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.08980664610862732},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.0},{"id":"https://openalex.org/C97854310","wikidata":"https://www.wikidata.org/wiki/Q19541","display_name":"Search engine","level":2,"score":0.0},{"id":"https://openalex.org/C111472728","wikidata":"https://www.wikidata.org/wiki/Q9471","display_name":"Epistemology","level":1,"score":0.0},{"id":"https://openalex.org/C164120249","wikidata":"https://www.wikidata.org/wiki/Q995982","display_name":"Web search query","level":3,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.2298/csis101231014m","is_oa":true,"landing_page_url":"https://doi.org/10.2298/csis101231014m","pdf_url":"http://www.doiserbia.nb.rs/ft.aspx?id=1820-02141100014M","source":{"id":"https://openalex.org/S206939107","display_name":"Computer Science and Information Systems","issn_l":"1820-0214","issn":["1820-0214","2406-1018"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310321031","host_organization_name":"ComSIS Consortium","host_organization_lineage":["https://openalex.org/P4310321031"],"host_organization_lineage_names":["ComSIS Consortium"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computer Science and Information Systems","raw_type":"journal-article"},{"id":"pmh:oai:doiserbia:1820-02141100014M","is_oa":false,"landing_page_url":"http://doi.org/10.2298/CSIS101231014M","pdf_url":null,"source":{"id":"https://openalex.org/S4306400515","display_name":"Digital Object Identifier (DOI) Repository Serbia (National Library of Serbia)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I4210142455","host_organization_name":"National Library of Serbia","host_organization_lineage":["https://openalex.org/I4210142455"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":". 8(2) 447-476"}],"best_oa_location":{"id":"doi:10.2298/csis101231014m","is_oa":true,"landing_page_url":"https://doi.org/10.2298/csis101231014m","pdf_url":"http://www.doiserbia.nb.rs/ft.aspx?id=1820-02141100014M","source":{"id":"https://openalex.org/S206939107","display_name":"Computer Science and Information Systems","issn_l":"1820-0214","issn":["1820-0214","2406-1018"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310321031","host_organization_name":"ComSIS Consortium","host_organization_lineage":["https://openalex.org/P4310321031"],"host_organization_lineage_names":["ComSIS Consortium"],"type":"journal"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Computer Science and Information Systems","raw_type":"journal-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","display_name":"Industry, innovation and infrastructure","score":0.550000011920929}],"awards":[],"funders":[{"id":"https://openalex.org/F4320323985","display_name":"Ettev\u00f5tluse Arendamise Sihtasutus","ror":"https://ror.org/02sfn4p13"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W2075694432.pdf","grobid_xml":"https://content.openalex.org/works/W2075694432.grobid-xml"},"referenced_works_count":31,"referenced_works":["https://openalex.org/W59219479","https://openalex.org/W179837550","https://openalex.org/W380379982","https://openalex.org/W818892910","https://openalex.org/W1483181473","https://openalex.org/W1486178352","https://openalex.org/W1487914223","https://openalex.org/W1492198637","https://openalex.org/W1516257798","https://openalex.org/W1530351394","https://openalex.org/W1567696012","https://openalex.org/W1581335334","https://openalex.org/W1668406785","https://openalex.org/W1912066346","https://openalex.org/W1922979104","https://openalex.org/W2008857148","https://openalex.org/W2010173096","https://openalex.org/W2027749820","https://openalex.org/W2075886324","https://openalex.org/W2077857471","https://openalex.org/W2097154968","https://openalex.org/W2098019984","https://openalex.org/W2114743187","https://openalex.org/W2130310983","https://openalex.org/W2148820438","https://openalex.org/W2150071393","https://openalex.org/W2154765153","https://openalex.org/W2163413877","https://openalex.org/W2398636069","https://openalex.org/W2497254477","https://openalex.org/W3161918289"],"related_works":["https://openalex.org/W1811024770","https://openalex.org/W2299494954","https://openalex.org/W2552271940","https://openalex.org/W2758682319","https://openalex.org/W88610236","https://openalex.org/W2395987867","https://openalex.org/W2176465394","https://openalex.org/W2542633692","https://openalex.org/W2290724697","https://openalex.org/W2467594283"],"abstract_inverted_index":{"System":[0],"security":[1,7,24,38,58,86,93,108,119,167,188,213,218],"is":[2,8,131],"an":[3,126],"important":[4],"artefact.":[5],"However":[6],"typically":[9],"considered":[10],"only":[11,80],"at":[12,60],"implementation":[13,39],"stage":[14],"nowadays":[15],"in":[16,160],"industry.":[17],"This":[18],"makes":[19],"it":[20],"difficult":[21],"to":[22,26,83,103,125,179,190,209,215],"communicate":[23],"solutions":[25,189],"the":[27,32,44,53,61,67,73,107,165,191,195,206,211,216],"stakeholders":[28,193],"earlier":[29],"and":[30,89,148,174,182],"raises":[31],"system":[33,63,192],"development":[34,64,87],"cost,":[35],"especially":[36,90],"if":[37],"errors":[40],"are":[41,144,177],"detected.":[42],"On":[43,66],"one":[45],"hand":[46,69],"practitioners":[47],"might":[48,75],"not":[49],"be":[50,76],"aware":[51],"of":[52,72,106,113,187],"approaches":[54,153,214],"that":[55,77],"help":[56],"represent":[57],"concerns":[59],"early":[62],"stages.":[65],"other":[68],"a":[70,100,123,135,161,184,203],"part":[71],"problem":[74],"there":[78],"exists":[79],"limited":[81],"support":[82],"compare":[84],"different":[85],"languages":[88],"their":[91],"resulting":[92],"models.":[94,109,168],"In":[95],"this":[96],"paper":[97,201],"we":[98,116],"propose":[99],"systematic":[101],"approach":[102],"assess":[104],"quality":[105,163],"To":[110],"illustrate":[111],"validity":[112],"our":[114,200],"proposal":[115],"investigate":[117],"three":[118],"models,":[120],"which":[121],"present":[122],"solution":[124],"industrial":[127,217],"problem.":[128],"One":[129],"model":[130],"created":[132],"using":[133],"PL/SQL,":[134],"procedural":[136],"extension":[137],"language":[138],"for":[139,154,164],"SQL;":[140],"another":[141],"two":[142],"models":[143],"prepared":[145],"with":[146,202],"SecureUML":[147],"UMLsec,":[149],"both":[150],"characterized":[151],"as":[152],"model-driven":[155,212],"security.":[156],"The":[157],"study":[158],"results":[159],"higher":[162,171],"later":[166],"These":[169],"contain":[170],"semantic":[172],"completeness":[173],"correctness,":[175],"they":[176],"easier":[178],"modify,":[180],"understand,":[181],"facilitate":[183],"better":[185],"communication":[186],"than":[194],"PL/SQL":[196],"model.":[197],"We":[198],"conclude":[199],"discussion":[204],"on":[205],"requirements":[207],"needed":[208],"adapt":[210],"analysis.":[219]},"counts_by_year":[{"year":2021,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2015,"cited_by_count":4},{"year":2014,"cited_by_count":3},{"year":2012,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2016-06-24T00:00:00"}