پورسعید بناب، زهرا؛ موسی خانی، محمد؛ عرب سرخی، ابوذر؛ محمدیان، ایوب (1397). ارائه مدل بلوغ قابلیت نوآوری مبتنی بر دانش مشتری بر اساس روش فراترکیب. دوفصلنامه مدیریت اطلاعات، 4(2)، 89-109.
عربسرخی، ابوذر؛ موسی خانی، محمد؛ مانیان، امیر (1395). ارائه مدلی مرجع برای تبیین الزامات امنیتی در حوزه یادگیری الکترونیکی از نگاه ذینفعان مختلف. مدیریت فناوری اطلاعات، 8(1)، 141-154.
محقر، علی؛ جعفرنژاد، احمد؛ مدرس یزدی، محمد؛ صادقی مقدم، محمدرضا (1392). ارائه الگوی جامع هماهنگی اطلاعاتی شبکه تأمین خودروسازی با استفاده از روش فراترکیب. مدیریت فناوری اطلاعات، 5(4)، 161- 194.
Agarwal, A., & Gupta, D. (2008). Security Requirements Elicitation Using View Points for Online System. First International Conference on Emerging Trends in Engineering and Technology.pp. 1238-1243.
Alena, B. (2019). Green ICT maturity model for Czech SMEs. Journal of Systems Integration 6(1), 24-36.
Baskerville, R. (1993). Information Systems Security Design Methods: Implications for Information Systems Development. Computing Surveys, 25(4), 375-414.
Belani, H., Car, Z., & Caric, A. (2009). RUP-based process model for security requirements engineering in value-added service development. IWSESSICSE Workshop on Software Engineering for Secure Systems. pp. 54-60.
Braber, F., Hogganvik, I., Lund, M., Stolen, K., & Vraalsen, F. (2007). Model-based security analysis in seven steps—a guided tour to the CORAS method. BT Technol Journal, 25(1), 101-117.
Cooper Brathwaite, A. (2007). Selection of a Conceptual Model/Framework for Guiding Research Interventions. The Internet Journal of Advanced Nursing Practice, 6(1),
Dzazali, S., Sulaiman, A., & Zolait, A. (2009). Information Security Landscape and Maturity Level: Case Study of Malaysian Public Service (MPS) Organizations. Government Information Quarterly, 26, 584-593.
Drobyazko, S., Hryhoruk, I., Pavlova, H., Volchanska, L., and Sergiychuk, S. (2019). Entrepreneurship innovation model for telecommunications enterprises. Journal of Entrepreneurship Education, 22(2).
EL-Hadary, H., & EL-Kassas, S. (2014). Capturing security requirements for software systems. Journal of Advanced Research, 5(4), 463-472.
Fabian, B., Gürses, S., Heisel, M., Santen, T., and Schmidt, H. (2010). A Comparison of Security Requirements Engineering Methods. Requirements Engineering - Special Issue on Security Requirements Engineering, 15, 7-40.
Gandotra, V., Singhal, A., & Bedi, P. (2009). Identifying Security Requirements Hybrid Technique. In the Proceedings of the 4th International Conference on Software Engineering Advances (ICSEA). Porto, Portugal. IEEE Computer Society. pp. 407-412.
Ghaffari, F., & Arabsorkhi, A. (2018). A New Adaptive Cyber-security Capability Maturity Model. In 2018 9th International Symposium on Telecommunications (IST) (pp. 298-304). IEEE.
Gorschek, T., Gomes, A., Pettersson, A., & Torkar, R. (2012). Introduction of a process maturity model for market-driven product management and requirements engineering. Journal of Software Maintenance, 24, 83-113.
Haley, C., Laney, R., Moffett, J., and Nuseibeh, B. 2008. Security Requirements Engineering:A Framework for Representation and Analysis. IEEE Ttansactions on Software Engineering, 34(1).
Haley, C., Moffett, J., Laney, R., and Nuseibeh, B. (2006). A framework for security requirements engineering. In: SESS’06: proceedings of the 2006 international workshop on Software engineering for secure systems. ACM Press, New York. pp. 35-42.
Hameed, S., Khan, F. I., and Hameed, B. (2019). Understanding security requirements and challenges in Internet of Things (IoT): A review.
Journal of Computer Networks and Communications. https://doi.org/10.1155/2019/9629381.
Hassan, R., Eltoweissy, M., Bohner, S., & El-Kassas, S. (2010). Formal analysis and design for engineering security automated derivation of formal software security specifications from goal-oriented security requirementsSoftware. IET. Software, 4(2), 149-160.
IBM-ISF. (2007).Introducing the IBM security Framework and IBM Security Blueprint to Realize Business- Driven Security Red guides for Business Leaders.
ISM3 Consortium. (2007). Information Security Management Maturity Model version 2.10.
Jose Virgilio, R.M. (2010). SURE: Secure and usable requirements engineering. PhD Dissertation University of California, Irvine 215.
Li, T., Horkoff, J., and Mylopoulos, J. (2018).Holistic security requirements analysis for socio-technical systems. Software & Systems Modeling, 17(4), 1253-1285.
Martínez, A., Jenkins, M., and Quesada-López, C. (2019). Identifying implied security requirements from functional requirements. In 2019 14th Iberian Conference on Information Systems and Technologies (CISTI) (pp. 1-7). IEEE.
Mead, N., Hough, E., & Stehney, T. (2005). Security quality requirements engineering (SQUARE) methodology. Carnegie Mellon.
Mead, N., Shoemaker, D., & Ingalsbe, J. (2009). Teaching Security Requirements Engineering Using SQUARE. REET. pp. 20-27.
Mead, N., Viswanathan, V., Padmanabhan, D., & Raveendran, A. (2008).
Incorporating security quality requirements engineering.DOI:
10.21236/ada482345
Mellado, D., Blanco, C., Sanchez, L., and Fernandez-Medina, E. (2010). A systematic review of security requirements engineering. Computer Standards and Interfaces, 32(4),153-165.
Mellado, D., Fernandez Medina, E., & Piattini, M. (2006). Applying a security requirements engineering process. In: ESORICS’06.
Mellado, D., Fernández-Medina, E., & Piattini, M. (2007). A common criteria based security requirements engineering process for the development of secure information systems. Computer Standards and Interfaces, 29, 244-253.
Mohammad, M. N. A., Nazir, M., & Mustafa, K. (2019). A Systematic Review and Analytical Evaluation of Security Requirements Engineering Approaches. Arabian Journal for Science and Engineering, 44(11), 8963-8987.
NIST. (2007). Program Review for Information Security Management Assistance – PRISMA. Available in: https://csrc.nist.gov/projects/program-review-for-information-security-assistance.
Romero-Mariona, J., Ziv, H., and Richardson, D. 2010. Formality of the Security Specification Process: Benefits Beyond Requirements. HICSS.pp. 1-6.
Ross, R. (2018). Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy. Special Publication (NIST SP) - 800-37 Rev. 2.
Ross, Ronald S., McEvilley.,M, Janet C. 2018. Systems Security Engineering: Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems. Special Publication (NIST SP) - 800-160.
Sharma, S., Warkentin, M. (2019). Do I really belong?: Impact of employment status on information security policy compliance. Computers & Security, 87, 101397.
Sindre, G., & Opdah, A. (2004). Eliciting security requirements with misuse cases. Requirements Engineering,10, 34-44.
Tøndel, I., Jaatun, M., & Meland, P. (2008). Security requirements for the rest of us: A survey, IEEE Software, 25(1), 20-27.
von Solms, S., & Marnewick, A. (2019). Identifying Security Requirements Body of Knowledge for the Security Systems Engineer. In IFIP World Conference on Information Security Education (pp. 59-71). Springer, Cham.
Wang, H., Jia, Z., & Shen, Z. (2009). Research on security requirements engineering process. In: Industrial Engineering and Engineering Management (pp. 1285-1288). 16th International Conference on IEEE.
Woodhouse, S. (2008). An ISMS (Im) – Maturity Capability Model. Proceedings of the IEEE 8th International Conference on Computer and Information Technology Workshops.
Yasin, A., Liu, L., Li, T., Wang, J., & Zowghi, D. (2018). Design and preliminary evaluation of a cyber Security Requirements Education Game (SREG). Information and Software Technology, 95, 179-200.
Zimmer, L. (2006). Qualitative meta-synthesis: A question of dialoguing with texts. Journal of Advanced Nursing, 53(3), 311-318.
Zuccato, A. (2007). Holistic security management framework applied in electronic commerce. journal of computers and security, 26, 256-265.
Zuccato, A., Endersz, V., & Daniaels, N. (2008). Security Requirement Engineering at a Telecom Provider. Proceedings of the Third International Conference on Availability, Reliability and Security. pp. 1139-1147.