참고문헌
- Y. Barlette and V. V. Fomin, "The adoption of information security management standards: A literature review," in Information Resources Management: Concepts, Methodologies, Tools and Applications: IGI Global, 2010, pp. 69-90.
- M. Tamimi and I. Jebreen, "A Systematic Snapshot of Small Packaged Software Vendors' Enterprises," International Journal of Enterprise Information Systems (IJEIS), vol. 14, no. 2, pp. 21-42, 2018. https://doi.org/10.4018/IJEIS.2018040102
- S. U. Khan, M. Niazi, and R. Ahmad, "Critical success factors for offshore software development outsourcing vendors: A systematic literature review," in Global Software Engineering, 2009. ICGSE 2009. Fourth IEEE International Conference on, 2009: IEEE, pp. 207-216.
- G. Kalus and M. Kuhrmann, "Criteria for software process tailoring: a systematic review," in Proceedings of the 2013 International Conference on Software and System Process, 2013, pp. 171-180.
- M. Tamimi, F. Alghandi, and A. Yaseen, "A SYSTEM-ATIC SNAPSHOT REVIEW OF CUSTOM-MADE SOFTWARE ENTERPRISES FROM THE DEVELOPMENT PERSPECTIVES," International Journal of Information Systems Management Research Development (IJISMRD), vol. 9, no. 1, pp. 1-22, 2019, doi: 10.24247/ijismrdjun20191.
- V. Dimopoulos, S. Furnell, M. Jennex, and I. Kritharas, "Approaches to IT Security in Small and Medium Enterprises," in AISM, 2004, pp. 73-82.
- K. Alnafjan, "An empirical investigation into the adoption of Software Engineering Practice in Saudi Arabia," International Journal of Computer Science Issues (IJCSI), vol. 9, no. 3, p. 328, 2012.
- B. W. Boehm and P. N. Papaccio, "Understanding and controlling software costs," IEEE transactions on software engineering, vol. 14, no. 10, pp. 1462-1477, 1988. https://doi.org/10.1109/32.6191
- P. Morrison, D. Moye, R. Pandita, and L. Williams, "Mapping the field of software life cycle security metrics," Information and Software Technology, vol. 102, pp. 146-159, 2018. https://doi.org/10.1016/j.infsof.2018.05.011
- D. Geer, "Are companies actually using secure development life cycles?," Computer, vol. 43, no. 6, pp. 12-16, 2010.' https://doi.org/10.1109/MC.2010.159
- M. Tamimi, A. Alzahrani, R. Aljohani, M. Alshahrani, and B. Alharbi, "Security Review based on ISO 27000/ ISO 27001/ ISO 27002 Standards: A Case Study Research," International Journal of Management and Applied Science, vol. 5, no. 8, pp. 120-123, 2019.
- D.-L. Huang, P.-L. P. Rau, G. Salvendy, F. Gao, and J. Zhou, "Factors affecting perception of information security and their impacts on IT adoption and security practices," International Journal of Human-Computer Studies, vol. 69, no. 12, pp. 870-883, 2011. https://doi.org/10.1016/j.ijhcs.2011.07.007
- J. H. Sinard and P. Gershkovich, "Custom software development for use in a clinical laboratory," Journal of Pathology Informatics, vol. 3, 2012.
- F. Alghamdi, N. Hamza, and M. Tamimi, "Factors that Influence the Adoption of Information Security on Requirement Phase for Custom-Made Software at SMEs," in 2019 2nd International Conference on Computer Applications Information Security (ICCAIS), 2019: IEEE, pp. 1-6.
- T. Moutasm and J. Issam, "A Systematic Snapshot of Small Packaged Software Vendors' Enterprises," in Research Anthology on Recent Trends, Tools, and Implications of Computer Programming, A. Information Resources Management Ed. Hershey, PA, USA: IGI Global, 2021, pp. 1262-1285.
- I. Jebreen, M. Tamimi, H. Almajali, and F. Janabi, "Integration Testing in Small Packaged Software Vendors: A Systemic Snapshot," in Proceedings of the 2nd International Conference on E-Education, E-Business and ETechnology, 2018, pp. 106-110.
- D. Mellado, C. Blanco, L. E. Sanchez, and E. Fernandez-Medina, "A systematic review of security requirements engineering," Computer Standards Interfaces, vol. 32, no. 4, pp. 153-165, 2010. https://doi.org/10.1016/j.csi.2010.01.006
- P. Williams, "Information security governance," Information security technical report, vol. 6, no. 3, pp. 60-70, 2001. https://doi.org/10.1016/S1363-4127(01)00309-0
- H. El-Hadary and S. El-Kassas, "Capturing security requirements for software systems," Journal of advanced research, vol. 5, no. 4, pp. 463-472, 2014. https://doi.org/10.1016/j.jare.2014.03.001
- I. A. Tondel, M. G. Jaatun, and P. H. Meland, "Security requirements for the rest of us: A survey," IEEE software, vol. 25, no. 1, pp. 20-27, 2008. https://doi.org/10.1109/MS.2008.19
- C. Onwubiko and A. P. Lenaghan, "Managing security threats and vulnerabilities for small to medium enterprises," in 2007 IEEE Intelligence and Security Informatics, 2007: IEEE, pp. 244-249.
- R. L. Jones and A. Rastogi, "Secure coding: building security into the software development life cycle," Information Systems Security, vol. 13, no. 5, pp. 29-39, 2004. https://doi.org/10.1201/1086/44797.13.5.20041101/84907.5
- S. Myagmar, A. J. Lee, and W. Yurcik, "Threat modeling as a basis for security requirements," in Symposium on requirements engineering for information security (SREIS), 2005, vol. 2005: Citeseer, pp. 1-8.
- D. Mairiza and D. Zowghi, "An ontological framework to manage the relative conflicts between security and usability requirements," in 2010 Third International Workshop on Managing Requirements Knowledge, 2010: IEEE, pp. 1-6.
- Y. Acar, C. Stransky, D. Wermke, M. L. Mazurek, and S. Fahl, "Security developer studies with github users: Exploring a convenience sample," in Thirteenth Symposium on Usable Privacy and Security (SOUPS 2017), 2017, pp. 81-95.
- G. Sindre and A. L. Opdahl, "Eliciting security requirements with misuse cases," Requirements engineering, vol. 10, no. 1, pp. 34-44, 2005. https://doi.org/10.1007/s00766-004-0194-4
- C. Buschow and M. Suhr, "Change management and new organizational forms of content creation," in Media and change management: Springer, 2022, pp. 381-397.
- S. Snowden, J. Spafford, R. Michaelides, and J. Hopkins, "Technology acceptance and m-commerce in an operational environment," Journal of Enterprise Information Management, vol. 19, no. 5, pp. 525-539, 2006. https://doi.org/10.1108/17410390610703657
- G. Rezaei and M. R. Hashemi, "An SDN-based Firewall for Networks with Varying Security Requirements," in 2021 26th International Computer Conference, Computer Society of Iran (CSICC), 2021: IEEE, pp. 1-7.
- R. Mitra, "Security Level Identification and Secure Software Design of Safety Critical Embedded Systems: Methodologies and Process," in INCOSE International Symposium, 2017, vol. 27, no. 1: Wiley Online Library, pp. 1300-1313.
- K. Popovic and Z. Hocenski, "Cloud computing security issues and challenges," in The 33rd International Convention MIPRO, 2010: IEEE, pp. 344-349.
- A. Verma and S. Kaushal, "Cloud computing security issues and challenges: a survey," in International Conference on Advances in Computing and Communications, 2011: Springer, pp. 445-454.
- H. Hashimi, A. Hafez, and M. Beraka, "A novel view of risk management in software development life cycle," in 2012 12th International Symposium on Pervasive Systems, Algorithms and Networks, 2012: IEEE, pp. 128134.
- F. Mijnhardt, T. Baars, and M. Spruit, "Organizational characteristics influencing SME information security maturity," Journal of Computer Information Systems, vol. 56, no. 2, pp. 106-115, 2016. https://doi.org/10.1080/08874417.2016.1117369
- M. Essafi, L. Labed, and H. B. Ghezala, "S2d-prom: A strategy oriented process model for secure software development," in International Conference on Software Engineering Advances (ICSEA 2007), 2007: IEEE, pp. 24-24.
- S. Al-Dhahri, M. Al-Sarti, and A. A. Aziz, "Information Security Management System," International Journal of Computer Applications, vol. 158, no. 7, pp. 29-33, 2017. https://doi.org/10.5120/ijca2017912851
- N. D'Apuzzo, "3D body scanning technology for fashion and apparel industry," in Videometrics IX, 2007, vol. 6491: International Society for Optics and Photonics, p. 64910O.
- G. Virone, N. Noury, and J. Demongeot, "A system for automatic measurement of circadian activity deviations in telemedicine," IEEE Transactions on Biomedical Engineering, vol. 49, no. 12, pp. 1463-1469, 2002. https://doi.org/10.1109/TBME.2002.805452
- Y. Cherdantseva and J. Hilton, "A reference model of information assurance security," in 2013 International Conference on Availability, Reliability and Security, 2013: IEEE, pp. 546-555.
- M. U. A. Khan and M. Zulkernine, "On selecting appropriate development processes and requirements engineering methods for secure software," in 2009 33rd Annual IEEE International Computer Software and Applications Conference, 2009, vol. 2: IEEE, pp. 353-358.
- G. Dhillon and J. Backhouse, "Current directions in IS security research: towards socio-organizational perspectives," Information Systems Journal, vol. 11, no. 2, pp. 127-153, 2001. https://doi.org/10.1046/j.1365-2575.2001.00099.x
- E. B. Fernandez, "A Methodology for Secure Software Design," in Software Engineering Research and Practice, 2004, pp. 130-136.
- D.-M. Zhao, J.-H. Wang, J. Wu, and J.-F. Ma, "Us-ing fuzzy logic and entropy theory to risk assessment of the information security," in 2005 International Conference on Machine Learning and Cybernetics, 2005, vol. 4: IEEE, pp. 2448-2453.
- L. Wallace, M. Keil, and A. Rai, "How software project risk affects project performance: An investigation of the dimensions of risk and an exploratory model," Decision sciences, vol. 35, no. 2, pp. 289-321, 2004. https://doi.org/10.1111/j.00117315.2004.02059.x
- L. Wallace and M. Keil, "Software project risks and their effect on outcomes," Communications of the ACM,vol. 47, no. 4, pp. 68-73, 2004. https://doi.org/10.1145/975817.975819
- M. S. Saleh and A. Alfantookh, "A new comprehensive framework for enterprise information security risk management," Applied computing and informatics, vol. 9, no. 2, pp. 107-118, 2011. https://doi.org/10.1016/j.aci.2011.05.002
- S. Islam and W. Dong, "Human factors in software security risk management," in Proceedings of the first international workshop on Leadership and management in software architecture, 2008: ACM, pp. 13-16.
- M. Sulayman, C. Urquhart, E. Mendes, and S. Seidel, "Software process improvement success factors for small and medium Web companies: A qualitative study," Information and Software Technology, vol. 54, no. 5, pp. 479500, 2012.
- S. Mittal, P. K. Das, V. Mulwad, A. Joshi, and T. Finin, "Cybertwitter: Using twitter to generate alerts for cybersecurity threats and vulnerabilities," in 2016 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM), 2016: IEEE, pp. 860-867.
- R. Sabillon, J. Serra-Ruiz, V. Cavaller, and J. Cano, "A comprehensive cybersecurity audit model to improve cybersecurity assurance: The cybersecurity audit model (CSAM)," in 2017 International Conference on Information Systems and Computer Science (INCISCOS), 2017: IEEE, pp. 253-259.
- D. J. Sebastian and A. Hahn, "Exploring emerging cybersecurity risks from network-connected DER devices," in 2017 North American Power Symposium (NAPS), 2017: IEEE, pp. 1-6.
- D. Krenczyk and A. Dobrza nska-Danikiewicz, "The deadlock protection method used in the production systems," Journal of Materials Processing Technology, vol. 164, pp. 1388-1394, 2005.
- D. Krenczyk and B. Skolud, "Production preparation and order verification systems integration using method based on data transformation and data mapping," in International Conference on Hybrid Artificial Intelligence Systems, 2011: Springer, pp. 397-404.
- J. J. Pauli and D. Xu, "Misuse case-based design and analysis of secure software architecture," in International Conference on Information Technology: Coding and Computing (ITCC'05)-Volume II, 2005, vol. 2: IEEE, pp. 398-403.
- M. Almorsy, J. Grundy, and A. S. Ibrahim, "Automated software architecture security risk analysis using formalized signatures," in 2013 35th International Conference on Software Engineering (ICSE), 2013: IEEE, pp. 662671.
- D. Xu and K. E. Nygard, "Threat-driven modeling and verification of secure software using aspect-oriented Petri nets," IEEE transactions on software engineering, vol. 32, no. 4, pp. 265-278, 2006 https://doi.org/10.1109/TSE.2006.40
- D. Concha, J. Espadas, D. Romero, and A. Molina, "The e-HUB evolution: from a custom software architecture to a software-as-a-service implementation," Computers in Industry, vol. 61, no. 2, pp. 145-151, 2010 https://doi.org/10.1016/j.compind.2009.10.010
- M. J. Callaghan, J. Harkin, E. McColgan, T. M. McGinnity, and L. P. Maguire, "Client-server architecture for collaborative remote experimentation," Journal of Network and Computer Applications, vol. 30, no. 4, pp. 1295-1308, 2007. https://doi.org/10.1016/j.jnca.2006.09.006
- D.-R. Liu, M.-Y. Wu, and S.-T. Lee, "Role-based authorizations for workflow systems in support of task-based separation of duty," Journal of systems and software, vol. 73, no. 3, pp. 375-387, 2004. https://doi.org/10.1016/S0164-1212(03)00175-4
- H. Studiawan, C. Payne, and F. Sohel, "Graph clustering and anomaly detection of access control log for forensic purposes," Digital Investigation, vol. 21, pp. 76-87, 2017. https://doi.org/10.1016/j.diin.2017.05.001
- V. Amrutiya, S. Jhamb, P. Priyadarshi, and A. Bhatia, "Trustless Two-Factor Authentication Using Smart Contracts in Blockchains," in 2019 International Conference on Information Networking (ICOIN), 2019: IEEE, pp. 66-71.
- W. Xu, X. Zhang, H. Hu, G.-J. Ahn, and J.-P. Seifert, "Remote attestation with domain-based integrity model and policy analysis," IEEE Transactions on Dependable and Secure Computing, vol. 9, no. 3, pp. 429-442, 2011. https://doi.org/10.1109/TDSC.2011.61
- M. P. Papazoglou, P. Traverso, S. Dustdar, and F. Leymann, "Service-oriented computing: State of the art and research challenges," Computer, vol. 40, no. 11, pp. 3845, 2007.
- D. Fensel and C. Bussler, "The web service modeling framework WSMF," Electronic Commerce Research and Applications, vol. 1, no. 2, pp. 113-137, 2002. https://doi.org/10.1016/S1567-4223(02)00015-7
- A. Chechulin, I. Kotenko, and V. Desnitsky, "An approach for network information flow analysis for systems of embedded components," in International Conference on Mathematical Methods, Models, and Architectures for Computer Network Security, 2012: Springer, pp. 146-155.
- Y. Deng, J. Wang, J. J. Tsai, and K. Beznosov, "An approach for modeling and analysis of security system architectures," IEEE Transactions on knowledge and data engineering, vol. 15, no. 5, pp. 1099-1119, 2003. https://doi.org/10.1109/TKDE.2003.1232267
- W. Xiong and R. Lagerstrom, "Threat modeling-A systematic literature review," Computers Security, vol. 84, pp. 53-69, 2019. https://doi.org/10.1016/j.cose.2019.03.010
- R. Scandariato, K. Wuyts, and W. Joosen, "A descriptive study of Microsoft's threat modeling technique," Requirements Engineering, vol. 20, no. 2, pp. 163-180, 2015. https://doi.org/10.1007/s00766-013-0195-2
- D. Dhillon, "Developer-driven threat modeling: Lessons learned in the trenches," IEEE Security Privacy, vol. 9, no. 4, pp. 41-47, 2011. https://doi.org/10.1109/MSP.2011.47
- P. H. Meland and J. Jensen, "Secure software design in practice," in 2008 Third International Conference on Availability, Reliability and Security, 2008: IEEE, pp. 1164-1171.
- A. Dautovic, R. Plosch, and M. Saft, "Automatic checking of quality best practices in software development documents," in 2011 11th international conference on quality software, 2011: IEEE, pp. 208-217.
- R. S. Geiger, N. Varoquaux, C. Mazel-Cabasse, and C. Holdgraf, "The types, roles, and practices of documentation in data analytics open source software libraries," Computer Supported Cooperative Work (CSCW), vol. 27, no. 3-6, pp. 767-802, 2018. https://doi.org/10.1007/s10606-018-9333-1
- B. McFee, J. W. Kim, M. Cartwright, J. Salamon, R. M. Bittner, and J. P. Bello, "Open-source practices for music signal processing research: Recommendations for transparent, sustainable, and reproducible audio research," IEEE Signal Processing Magazine, vol. 36, no. 1, pp. 128-137, 2018. https://doi.org/10.1109/MSP.2018.2875349
- D. Quinones and C. Rusu, "How to develop usability heuristics: A systematic literature review," Computer Standards Interfaces, vol. 53, pp. 89-122, 2017. https://doi.org/10.1016/j.csi.2017.03.009
- M. A. Sharkh, M. Jammal, A. Shami, and A. Ouda, "Resource allocation in a network-based cloud computing environment: design challenges," IEEE Communications Magazine, vol. 51, no. 11, pp. 46-52, 2013. https://doi.org/10.1109/MCOM.2013.6658651
- S. Lipner, "The trustworthy computing security development lifecycle," in 20th Annual Computer Security Applications Conference, 2004: IEEE, pp. 2-13.
- A. Castaldo, G. De Luca, and B. Barile, "DOES INITIAL ACCESS TO BANK LOANS PREDICT START-UPS'FUTURE DEFAULT PROBABILITY? EVIDENCE FROM ITALY," Contemporary Economic Policy, 2020.
- P. B. Prince and S. J. Lovesum, "Privacy Enforced Access Control Model for Secured Data Handling in CloudBased Pervasive Health Care System," SN Computer Science, vol. 1, no. 5, pp. 1-8, 2020. https://doi.org/10.1007/s42979-019-0007-y
- E. Markakis et al., "Acceleration at the edge for supporting smes security: The fortika paradigm," IEEE Communications Magazine, vol. 57, no. 2, pp. 41-47, 2019. https://doi.org/10.1109/MCOM.2019.1800506
- T. Brown, A. Kogan, Y. Lev, and V. Luchangco, "Investigating the performance of hardware transactions on a multi-socket machine," in Proceedings of the 28th ACM Symposium on Parallelism in Algorithms and Architectures, 2016: ACM, pp. 121-132.
- H. Shahriar and M. Zulkernine, "Mitigating program security vulnerabilities: Approaches and challenges," ACM Computing Surveys (CSUR), vol. 44, no. 3, p. 11, 2012.
- E. Kaynak, E. Tatoglu, and V. Kula, "An analysis of the factors affecting the adoption of electronic commerce by SMEs: Evidence from an emerging market," Inter-2005.
- A. K. Jain and D. Shanbhag, "Addressing security and privacy risks in mobile applications," IT Professional, vol. 14, no. 5, pp. 28-33, 2012. https://doi.org/10.1109/MITP.2012.72
- C. Dannewitz, J. Golic, B. Ohlman, and B. Ahlgren, "Secure naming for a network of information," in 2010 INFOCOM IEEE conference on computer communications workshops, 2010: IEEE, pp. 1-6.
- Y. Hashimoto et al., "Safety securing approach against cyber-attacks for process control system," Computers Chemical Engineering, vol. 57, pp. 181-186, 2013. https://doi.org/10.1016/j.compchemeng.2013.04.019
- D. Wei, Y. Lu, M. Jafari, P. Skare, and K. Rohde, "An integrated security system of protecting smart grid against cyber attacks," in 2010 Innovative Smart Grid Technologies (ISGT), 2010: IEEE, pp. 1-7.
- M. Khouzani, S. Sarkar, and E. Altman, "Optimal dissemination of security patches in mobile wireless networks," IEEE Transactions on Information Theory, vol. 58, no. 7, pp. 4714-4732, 2012. https://doi.org/10.1109/TIT.2012.2195295
- B. Brykczynski and R. A. Small, "Reducing internetbased intrusions: Effective security patch management," IEEE software, vol. 20, no. 1, pp. 50-57, 2003. https://doi.org/10.1109/MS.2003.1159029
- D. P. Gilliam, T. L. Wolfe, J. S. Sherif, and M. Bishop, "Software security checklist for the software life cycle," in WET ICE 2003. Proceedings. Twelfth IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, 2003., 2003: IEEE, pp. 243-248.
- S. Bellovin, "Security by checklist," IEEE Security Privacy, vol. 6, no. 2, pp. 88-88, 2008. https://doi.org/10.1109/MSP.2008.43
- R. Almadhoun, M. Kadadha, M. Alhemeiri, M. Alshehhi, and K. Salah, "A user authentication scheme of IoT devices using blockchain-enabled fog nodes," in 2018 IEEE/ACS 15th international conference on computer systems and applications (AICCSA), 2018: IEEE, pp. 18.
- C. Jiang and P. Zhang, "VNE Solution for Network Differentiated QoS and Security Requirements from the Perspective of Deep Reinforcement Learning," in QoSAware Virtual Network Embedding: Springer, 2021, pp. 61-84.
- S. Bu and B.-H. Wang, "Improving the security of chaotic encryption by using a simple modulating method," Chaos, Solitons Fractals, vol. 19, no. 4, pp. 919-924, 2004. https://doi.org/10.1016/S0960-0779(03)00260-1
- S. M. Farooq, S. Nabirasool, S. Kiran, S. S. Hussain, and T. S. Ustun, "MPTCP based mitigation of denial of service (DoS) attack in PMU communication networks," in 2018 IEEE International Conference on Power Electronics, Drives and Energy Systems (PEDES), 2018: IEEE, pp. 1-5.
- P. Danzi, M. Angjelichinoski, C. Stefanovic, T. Drag-national marketing review, vol. 22, no. 6, pp. 623-640,
- M. Felderer and E. Fourneret, "A systematic classification of security regression testing approaches," International Journal on Software Tools for Technology Transfer, vol. 17, no. 3, pp. 305-319, 2015. https://doi.org/10.1007/s10009-015-0365-2
- J. Highsmith and A. Cockburn, "Agile software development: The business of innovation," Computer, vol. 34, no. 9, pp. 120-127, 2001. https://doi.org/10.1109/2.947100
- K. Mohan, B. Ramesh, and V. Sugumaran, "Integrating software product line engineering and agile development," IEEE software, vol. 27, no. 3, pp. 48-55, 2010. https://doi.org/10.1109/MS.2010.31
- M. E. Delamaro, J. Maidonado, and A. P. Mathur, "Interface mutation: An approach for integration testing," IEEE transactions on software engineering, vol. 27, no. 3, pp. 228-247, 2001. https://doi.org/10.1109/32.910859
- L. Shaul and D. Tauber, "CSFs along ERP life-cycle in SMEs: a field study," Industrial Management Data Systems, vol. 112, no. 3, pp. 360-384, 2012. https://doi.org/10.1108/02635571211210031
- H. Holm, T. Sommestad, J. Almroth, and M. Persson, "A quantitative evaluation of vulnerability scanning," Information Management Computer Security, vol. 19, no. 4, pp. 231-247, 2011. https://doi.org/10.1108/09685221111173058
- J. Fonseca, M. Vieira, and H. Madeira, "Testing and comparing web vulnerability scanning tools for SQL injection and XSS attacks," in 13th Pacific Rim international symposium on dependable computing (PRDC 2007), 2007: IEEE, pp. 365-372.
- U. Bayer, A. Moser, C. Kruegel, and E. Kirda, "Dynamic analysis of malicious code," Journal in Computer Virology, vol. 2, no. 1, pp. 67-77, 2006. https://doi.org/10.1007/s11416-006-0012-2
- S. C. Talukder and M. M. Rahman, "Customer requirements oriented component based software development life cycle model," in 2015 International Conference on Computers, Communications, and Systems (ICCCS), 2015: IEEE, pp. 61-68.
- M. Geogy and A. Dharani, "Prominence of each phase in Software development life cycle contributes to the overall quality of a product," in 2015 International Conference on Soft-Computing and Networks Security (ICSNS), 2015: IEEE, pp. 1-2.
- A.-K. Groven, K. Haaland, R. Glott, and A. Tannenberg, "Security measurements within the framework of quality assessment models for free/libre open source software," in Proceedings of the fourth european conference on software architecture: Companion volume, 2010: ACM, pp. 229-235.
- S. Subashini and V. Kavitha, "A survey on security issues in service delivery models of cloud computing," Journal of network and computer applications, vol. 34, no. 1, pp. 1-11, 2011. https://doi.org/10.1016/j.jnca.2010.07.006
- J. E. Mateer and R. W. Jones, "Information systems, indirect risks and safety: An 8-step safety management process," in 2018 13th IEEE Conference on Industrial Electronics and Applications (ICIEA), 2018: IEEE, pp. 352-357.
- P. Chapman, "Are your IT staff ready for the pandemic-driven insider threat?," Network Security, vol. 2020, no. 4, pp. 8-11, 2020. https://doi.org/10.1016/S1353-4858(20)30042-8
- A. Vangala, B. Bera, S. Saha, A. K. Das, N. Kumar, and Y. H. Park, "Blockchain-Enabled Certificate-Based Authentication for Vehicle Accident Detection and Notification in Intelligent Transportation Systems," IEEE Sensors Journal, 2020.
- G. K. Verma, B. Singh, N. Kumar, M. S. Obaidat, D. He, and H. Singh, "An efficient and provable certificatebased proxy signature scheme for IIoT environment," Information Sciences, vol. 518, pp. 142-156, 2020. https://doi.org/10.1016/j.ins.2020.01.006
- H. Pan, Y. Zhu, Z. Pan, and X. Lu, "An efficient scheme of merging multiple public key infrastructures in ERP," in International Conference on Web-Age Information Management, 2005: Springer, pp. 919-924.
- H. Liu and H. Goto, "Certificate-based, disruptiontolerant authentication system with automatic CA certificate distribution for Eduroam," in 2014 IEEE 38th International Computer Software and Applications Conference Workshops, 2014: IEEE, pp. 169-173.
- U. Somani, K. Lakhani, and M. Mundra, "Implementing digital signature with RSA encryption algorithm to enhance the Data Security of cloud in Cloud Computing," in 2010 First International Conference On Parallel, Distributed and Grid Computing (PDGC 2010), 2010: IEEE, pp. 211-216.
- B. Gastermann, M. Stopper, A. Kossik, and B. Katalinic, "Secure implementation of an on-premises cloud storage service for small and mediumsized enterprises," Procedia Engineering, vol. 100, pp. 574-583, 2015. https://doi.org/10.1016/j.proeng.2015.01.407
- N. Kundu, S. K. Debnath, D. Mishra, and T. Choudhury, "Post-quantum digital signature scheme based on multivariate cubic problem," Journal of Information Security and Applications, vol. 53, p. 102512, 2020.
- T. Kwon and J.-i. Lee, "Practical digital signature generation using biometrics," in International Conference on Computational Science and Its Applications, 2004: Springer, pp. 728-737
- R. Kolluru and P. H. Meredith, "Security and trust management in supply chains," Information Management Computer Security, vol. 9, no. 5, pp. 233-236, 2001 https://doi.org/10.1108/09685220110408031
- A. Ramtohul and K. Soyjaudah, "Information security governance for eservices in southern African developing countries e-Government projects," Journal of Science Technology Policy Management, vol. 7, no. 1, pp. 26-42, 2016. https://doi.org/10.1108/JSTPM-04-2014-0014
- M. Najjar, "A blue print practical implementation of PKI using open PGP at University of Tabuk," in 2013 Science and Information Conference, 2013: IEEE, pp. 358-362.
- D. Chadwick, A. Otenko, and E. Ball, "Role-based access control with X. 509 attribute certificates," IEEE Internet Computing, vol. 7, no. 2, pp. 62-69, 2003. https://doi.org/10.1109/MIC.2003.1189190
- R. Lippmann, S. Webster, and D. Stetson, "The effect of identifying vulnerabilities and patching software on the utility of network intrusion detection," in International Workshop on Recent Advances in Intrusion Detection, 2002: Springer, pp. 307-326.
- D. Novikov, R. V. Yampolskiy, and L. Reznik, "Artificial intelligence approaches for intrusion detection," in 2006 IEEE Long Island Systems, Applications and Technology Conference, 2006: IEEE, pp. 1-8.
- J. Witschey, S. Xiao, and E. Murphy-Hill, "Technical and personal factors influencing developers' adoption of security tools," in Proceedings of the 2014 ACM Workshop on Security Information Workers, 2014: ACM, pp. 23-26.
- E. Albrechtsen and J. Hovden, "The information security digital divide between information security managers and users," Computers Security, vol. 28, no. 6, pp. 476490, 2009.
- R. Rivera-Castro et al., "Topology-Based Clusterwise Regression for User Segmentation and Demand Forecasting," in 2019 IEEE International Conference on Data Science and Advanced Analytics (DSAA), 2019: IEEE, pp. 326-336.
- B. Uchendu, J. R. Nurse, M. Bada, and S. Furnell, "Developing a cyber security culture: Current practices and future needs," Computers Security, vol. 109, p. 102387, 2021.
- O. Temizkan, R. L. Kumar, S. Park, and C. Subramaniam, "Patch release behaviors of software vendors in response to vulnerabilities: An empirical analysis," Journal of management information systems, vol. 28, no. 4, pp. 305-338, 2012. https://doi.org/10.2753/MIS0742-1222280411
- A. Khajeh-Hosseini, I. Sommerville, J. Bogaerts, and P. Teregowda, "Decision support tools for cloud migration in the enterprise," in 2011 IEEE 4th International Conference on Cloud Computing, 2011: IEEE, pp. 541548.
- A. Kusumawati, "Information Security Awareness: Study on a Government Agency," in 2018 International Conference on Sustainable Information Engineering and Technology (SIET), 2018: IEEE, pp. 224-229.
- H. Aldawood and G. Skinner, "Educating and raising awareness on cyber security social engineering: A literature review," in 2018 IEEE International Conference on Teaching, Assessment, and Learning for Engineering (TALE), 2018: IEEE, pp. 62-68.
- R. Bitton, A. Finkelshtein, L. Sidi, R. Puzis, L. Rokach, and A. Shabtai, "Taxonomy of mobile users' security awareness," Computers Security, vol. 73, pp. 266293, 2018.
- P. Baillette, Y. Barlette, and A. Leclercq-Vandelannoitte, "Bring your own device in organizations: Extending the reversed IT adoption logic to security paradoxes for CEOs and end users," International Journal of Information Management, vol. 43, pp. 76-84, 2018. https://doi.org/10.1016/j.ijinfomgt.2018.07.007
- H.-S. Rhee, C. Kim, and Y. U. Ryu, "Self-efficacy in information security: Its influence on end users' information security practice behavior," Computers Security, vol. 28, no. 8, pp. 816-826, 2009. https://doi.org/10.1016/j.cose.2009.05.008
- J. Shropshire, M. Warkentin, and S. Sharma, "Personality, attitudes, and intentions: Predicting initial adoption of information security behavior," Computers Security, vol. 49, pp. 177-191, 2015. https://doi.org/10.1016/j.cose.2015.01.002
- F. F. H. Nah, S. Faja, and T. Cata, "Characteristics of ERP software maintenance: a multiple case study," Journal of software maintenance and evolution: research and practice, vol. 13, no. 6, pp. 399-414, 2001. https://doi.org/10.1002/smr.239
- E. Meneses, O. Sarood, and L. V. Kale, "Energy profile of rollback-recovery strategies in high performance computing," Parallel Computing, vol. 40, no. 9, pp. 536-547, 2014. https://doi.org/10.1016/j.parco.2014.03.005