1. National Research Council: Computers At Risk: Safe Computing in The Information Age, System Security Study Committee/Nat.ional Academy Press, Washington (1991).

2. British Standard 7799, Part 2 (1999), Information Technology-Specification for Information Security Management System, BSI.

3. Baskerville, R.: Research Notes: Research Directions in Information Systems Security, International Journal of Information Management, 14(5), 385–387, 1994

4. DMTF CIM Policy Model v. 2.9, available at http://www.dmtf.org

5. Donner, M.: Toward a Security Ontology, IEEE Security and Privacy, Vol. 1–3, (2003).