@inproceedings{adee5aba7a6943a29aeeb068f0d87d12,
title = "Security modelling for risk analysis",
abstract = "A security model to facilitate the recording and investigation of organizational security data is proposed; this model employs a directory structure for security entities and relationships. The model database with associated software may then be employed to develop and display organisational threat networks representing the risk environment of the organisational information processing and communication system. Thereafter the design of the defence systems may be facilitated by interactive procedures to determine appropriate countermeasure structures. {\textcopyright} 2004 by Springer Science+Business Media Dordrecht.",
keywords = "Countermeasures, Risk analysis, Security documentation, Security models, Security standards, Threat trees",
author = "Lam-for Kwok and Dennis Longley",
year = "2004",
doi = "10.1007/1-4020-8143-x_3",
language = "English",
isbn = "9781475780161",
volume = "147",
series = "IFIP Advances in Information and Communication Technology",
publisher = "Springer New York",
pages = "29--45",
booktitle = "Security and Protection in Information Processing systems",
address = "United States",
note = "IFIP TC11 19th International Information Security Conference, SEC 2004 ; Conference date: 22-08-2004 Through 27-08-2004",
}