The information systems' security level assessment model based on an ontology and evidential reasoning approach

Computers & Security - Volume 55 - Pages 100-112 - 2015
Kresimir Solic1,2, Hrvoje Ocevcic3,2, Marin Golub4
1Faculty of Medicine, University of Osijek, Josipa Huttlera 4, HR-31000 Osijek, Croatia
2Faculty of Electrical Engineering, University of Osijek, Josipa Huttlera 4, HR-31000 Osijek, Croatia
3Hypo–Alpe-Adria-Bank d.d., Slavonska avenija 6, 10000 Zagreb, Croatia
4Faculty of Electrical Engineering and Computing, Zagreb University, Unska 3, HR-10000 Zagreb, Croatia
