Information Technology Reference
In-Depth Information
Forrest, Jay, 2007,
Systems Dynamics, Alternative Futures, and Scenarios
, The Strategic Deci-
sion Simulation Group (http://www.systemdynamics.org/conferences/1998/PRO-
CEED/00095.PDF, accessed October 2007)
Gharajedaghi , Jamshid, 1999,
Systems Thinking—Managing Chaos and Complexity
, But-
terworth-Heinemann, New York.
Haley, Charles, 2003,
Using Trust Assumptions in Security Requirements Engineering
, he
Open University, London, U.K.
Hallberg, Carl, Hutt, Arthur E., and Kabay, M.E., 2002, “Management Responsibilities
and Liabilities,” in
the
Computer Security Handbook 4
th
Edition,
Bosworth, Seymour
and Kabay, M.E., Eds., John Wiley & Sons, Hoboken, NJ.
Howard, John D., and Longstaff, Thomas A., 1998.
A Common Language for Computer
Security Incidents
, Sandia National Laboratories, Sandia, NM.
Howard, John D., and Meunier, Pascal, 2002, “Using a 'Common Language' for Com-
puter Security Incident Information, in the
Computer Security Handbook 4
th
Edition
Bosworth, Seymour, and Kabay, M.E., Eds., John Wiley & Sons, Hoboken, NJ.
Hunter, Richard, 2002,
World Without Secrets
, Gartner Press, Stamford, CT.
Insurance Information Institute, August, 2003,
Most Companies Have Cyber-Risk Gaps in
Their Insurance Cover Coverage.
Kruse II, Warren G., and Heiser, Jay G., 2001,
Computer Forensics: Incident Response Essen-
tials
, Addison-Wesley, United Kingdom.
Maier, Mark W., and Rechtin, Eberhardt, 2002,
The Art of Systems Architecting
,
2d Ed
.,
CRC Press, Boca Raton, FL.
Marks, Richard D., 2004,
Enterprise Liability for Information Security
.
National Institute of Standards & Technology (NIST) (http://csrc.nist.gov/publications/
nistpubs/, accessed July 2007)
•
Various Special Publications (SP)
• Various Federal Information Processing Standards (FIPS)
OECD Guidelines for the Security of Information Systems and Networks: Towards a Culture of
Security,
OECD Council, July 25, 2002.
Parker, Donn B., 2002, ”Toward a New Framework for Information Security,” in the
Com-
puter Security Handbook 4
th
Edition
Bosworth, Seymour and Kabay, M.E., Eds., John
Wiley & Sons, Hoboken, NJ.
Practical Guide to Federal Enterprise Architecture v. 1.0
, Chief Information Officer Council,
February 2001. (http://www.enterprise-architecture.info/Images/Documents/Feder
al%20Enterprise%20Architecture%20Guide%20v1a.pdf, accessed February 2008)
The President's Critical Infrastructure Protection Board,
National Strategy to Secure Cyber-
space
, February 2003, USA
Schneier, Bruce, 1999,
Attack Trees
, CounterPane Systems (www.counterpane.com, last
accessed March 2008), presentation to SANS Network Security.
Schwartau, Winn, 2003,
Asymmetrical Adversarialism in National Defense Policy
.
Spewak, Steven H., 1992,
Enterprise Architecture Planning
, John Wiley & Sons, Hoboken,
NJ.
Spitzner, Lance, 2003,
Honeypots - Tracking Hackers
, Addison Wesley, United Kingdom.
Systems Engineering Handbook
, International Council on Systems Engineering (INCOSE)
v2a, 2004, USA