Page 314 - 捷運技術 第28期
P. 314
308 28 92 2
39.Reid,R.C. & Floyd, S.A. (2001), Extending the Risk Analysis Model to Include Market-
Insurance , Computers & Security, Vol.20, No.4, PP.331-339.
40.Robbins, S.P. (1994), Management, 4th Ed., Prentice-Hall International.
41.Rusell, D. & Gangemi, G.T. (1992), Computer Security Basics, California, USA, O Reilly &
Associates Inc., 1992.
42.Schendel, D. & Hofer, C.W. (eds) (1979), Strategic Management: A New View of Business Policy
and Planning, (Little, Brown & Company, Boston).
43.Schultz, E.E., Proctor, R.W., Lien, M.C. (2001), Usability and Security: An Appraisal of
Usability Issues in Information Security Methods , Computer & Security, Vol.20, No.7, PP.620-
634.
44.Sherwood, J. (1996), SALSA: A method for developing the enterprise security architecture and
Strategy , Computer & Security, Vol.2, No.3, PP.8-17.
45.Smith, M. (1989), Computer Security-Threats, Vulnerabilities and Countermeasures ,
Information Age, October, PP.205-210.
46.TCSEC(1985), Trusted Computer Systems Evaluation Criteria,US DoD5200.28-STD, December
1985.
47.Tryfonas, T., Kiountouzis, E. & Poulymanakou, A. (2001), Embedding Security Practices in
Contemporary Information Systems Development Approaches , Information Management &
Computer Security, PP.183-197.
48.Von Solms, R., Van Haar, H., Von Solms, S.H. & Caelli, W.J. (1994), A Framework for
Information Security Evaluation , Information & Management, 26, PP.143-153.
49.Von Solms, R. (1996), Information Security Management: The Second Generation , Computer
& Security, Vol.15, No.4, PP.281-288.
50.Weber, R. (1999), Information System Control and Audit, Prentice Hall, Upper Saddle River, New
Jersey, USA.
51.Wright,M. (1999), Third Generation Risk Management Practices , Computer Fraud & Security,
Feb., PP.9-12.
52.Yin, R. (1989), Case Study Research Design and Methods, Newburry park California, Sag
Publications, 1989 (rev.).
