{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,13]],"date-time":"2026-04-13T17:48:21Z","timestamp":1776102501512,"version":"3.50.1"},"reference-count":17,"publisher":"Elsevier BV","issue":"3","license":[{"start":{"date-parts":[[2007,5,1]],"date-time":"2007-05-01T00:00:00Z","timestamp":1177977600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Computers &amp; Security"],"published-print":{"date-parts":[[2007,5]]},"DOI":"10.1016\/j.cose.2006.10.004","type":"journal-article","created":{"date-parts":[[2006,11,29]],"date-time":"2006-11-29T16:30:32Z","timestamp":1164817832000},"page":"229-237","source":"Crossref","is-referenced-by-count":56,"title":["Evaluating information security tradeoffs: Restricting access can interfere with user tasks"],"prefix":"10.1016","volume":"26","author":[{"given":"Gerald V.","family":"Post","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Albert","family":"Kagan","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"78","reference":[{"issue":"4","key":"10.1016\/j.cose.2006.10.004_bib1","doi-asserted-by":"crossref","first-page":"375","DOI":"10.1145\/162124.162127","article-title":"Information systems security design methods: implications for information systems development","volume":"25","author":"Baskerville","year":"1993","journal-title":"ACM Computing Surveys"},{"issue":"5\/6","key":"10.1016\/j.cose.2006.10.004_bib2","doi-asserted-by":"crossref","first-page":"337","DOI":"10.1108\/09576050210447019","article-title":"An information security meta-policy for emergent organizations","volume":"15","author":"Baskerville","year":"2002","journal-title":"Journal of Logistics Information Management (Special issue on information security)"},{"key":"10.1016\/j.cose.2006.10.004_bib3","doi-asserted-by":"crossref","first-page":"297","DOI":"10.1007\/BF02310555","article-title":"Coefficient alpha and the internal structure of tests","volume":"16","author":"Cronbach","year":"1951","journal-title":"Psychometrica"},{"issue":"3","key":"10.1016\/j.cose.2006.10.004_bib17","doi-asserted-by":"crossref","first-page":"243","DOI":"10.1016\/S0167-4048(00)88613-7","article-title":"Information security management: a\u00a0hierarchical framework for various approaches","volume":"19","author":"Eloff","year":"2000","journal-title":"Computers & Security"},{"issue":"6","key":"10.1016\/j.cose.2006.10.004_bib4","doi-asserted-by":"crossref","first-page":"37","DOI":"10.1109\/MC.2004.17","article-title":"Computer security in the real world","volume":"37","author":"Lampson","year":"2002","journal-title":"Computer"},{"issue":"1","key":"10.1016\/j.cose.2006.10.004_bib5","doi-asserted-by":"crossref","first-page":"3","DOI":"10.1007\/s102070100003","article-title":"Computer security","volume":"1","author":"Landwehr","year":"2001","journal-title":"International Journal of Information Security"},{"key":"10.1016\/j.cose.2006.10.004_bib6","series-title":"Latent variable models","author":"Loehlin","year":"1992"},{"key":"10.1016\/j.cose.2006.10.004_bib7","unstructured":"Muth\u00e9n B, Muth\u00e9n L. Mplus: statistical analysis with latent variables. Los Angeles; 2001."},{"key":"10.1016\/j.cose.2006.10.004_bib8","series-title":"Psychometric methods","author":"Nunnally","year":"1967"},{"issue":"4","key":"10.1016\/j.cose.2006.10.004_bib9","doi-asserted-by":"crossref","first-page":"327","DOI":"10.1108\/09685220610690808","article-title":"Inter-organisational intrusion detection using knowledge grid technology","volume":"14","author":"Pilgermann","year":"2006","journal-title":"Information Management & Computer Security"},{"issue":"2","key":"10.1016\/j.cose.2006.10.004_bib10","doi-asserted-by":"crossref","first-page":"25","DOI":"10.1108\/09670730510586986","article-title":"Energis trains employees and customers in IT security: only one company in ten has staff with the necessary qualifications","volume":"13","author":"Pollitt","year":"2005","journal-title":"Human Resource Management International Digest"},{"issue":"5","key":"10.1016\/j.cose.2006.10.004_bib11","doi-asserted-by":"crossref","first-page":"417","DOI":"10.1016\/0167-4048(87)90014-9","article-title":"Improving operating system security","volume":"6","author":"Post","year":"1987","journal-title":"Computers & Security"},{"issue":"4","key":"10.1016\/j.cose.2006.10.004_bib12","doi-asserted-by":"crossref","first-page":"331","DOI":"10.1016\/0167-4048(91)90109-Q","article-title":"Accessibility vs. security: a look at the demand for computer security","volume":"10","author":"Post","year":"1991","journal-title":"Computers & Security"},{"issue":"5","key":"10.1016\/j.cose.2006.10.004_bib13","doi-asserted-by":"crossref","first-page":"210","DOI":"10.1108\/09685220210446560","article-title":"Towards maturity of information security maturity criteria: six lessons learned from software maturity criteria","volume":"10","author":"Siponen","year":"2002","journal-title":"Information Management & Computer Security"},{"issue":"1","key":"10.1016\/j.cose.2006.10.004_bib14","doi-asserted-by":"crossref","first-page":"91","DOI":"10.1108\/09685220410518856","article-title":"From risk analysis to effective security management: towards an automated approach","volume":"12","author":"Tsoumas","year":"2004","journal-title":"Information Management & Computer Security"},{"issue":"4","key":"10.1016\/j.cose.2006.10.004_bib15","doi-asserted-by":"crossref","first-page":"493","DOI":"10.1108\/09653560510618339","article-title":"Managing computer security issues: preventing and limiting future threats and disasters","volume":"14","author":"Trim","year":"2005","journal-title":"Disaster Prevention and Management: An International Journal"},{"issue":"3","key":"10.1016\/j.cose.2006.10.004_bib16","doi-asserted-by":"crossref","first-page":"119","DOI":"10.1108\/09685220210431872","article-title":"The information security management toolbox \u2013 taking the pain out of security management","volume":"10","author":"Vermeulen","year":"2002","journal-title":"Information Management & Computer Security"}],"container-title":["Computers &amp; Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0167404806001532?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0167404806001532?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2019,1,11]],"date-time":"2019-01-11T03:23:00Z","timestamp":1547176980000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0167404806001532"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2007,5]]},"references-count":17,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2007,5]]}},"alternative-id":["S0167404806001532"],"URL":"https:\/\/doi.org\/10.1016\/j.cose.2006.10.004","relation":{},"ISSN":["0167-4048"],"issn-type":[{"value":"0167-4048","type":"print"}],"subject":[],"published":{"date-parts":[[2007,5]]}}}