. Ferrer, The Role of SLAs in Building a Trusted Cloud for Europe, IFIP International Conference on Trust Management, pp.262-275, 2015.
DOI : 10.1007/978-3-319-18491-3_22

URL : https://hal.archives-ouvertes.fr/hal-01416234

R. Bhme, Security Audits Revisited, International Conference on Financial Cryptography and Data Security, pp.129-147, 2012.
DOI : 10.1007/978-3-642-32946-3_11

. Bernsmed, Security SLAs for Federated Cloud Services, 2011 Sixth International Conference on Availability, Reliability and Security, pp.202-209, 2011.
DOI : 10.1109/ARES.2011.34

. Jaatun, Security SLAs ??? An Idea Whose Time Has Come?, pp.123-130, 2012.
DOI : 10.1007/978-3-642-32498-7_10

URL : https://hal.archives-ouvertes.fr/hal-01542465

R. R. Henning, Security service level agreements, Proceedings of the 1999 workshop on New security paradigms , NSPW '99, pp.54-60, 1999.
DOI : 10.1145/335169.335194

B. Monahan and M. Yearworth, Meaningful security SLAs, 2008.

. Guesmi, Access Control and Security Properties Requirements Specification for Clouds' SecLAs, 2013 IEEE 5th International Conference on Cloud Computing Technology and Science, 2013.
DOI : 10.1109/CloudCom.2013.133

URL : https://hal.archives-ouvertes.fr/hal-00920768

. Takahashi, Tailored Security: Building Nonrepudiable Security Service-Level Agreements, IEEE Vehicular Technology Magazine, pp.54-62, 2013.
DOI : 10.1109/MVT.2013.2269188

. Rak, Security as a Service Using an SLA-Based Approach via SPECS, 2013 IEEE 5th International Conference on Cloud Computing Technology and Science, pp.1-6, 2013.
DOI : 10.1109/CloudCom.2013.165

. Rios, Towards Self-Protective Multi-Cloud Applications, 2015.

. Luna, Quantitative Reasoning about Cloud Security Using Service Level Agreements, IEEE Transactions on Cloud Computing, pp.1-1, 2015.
DOI : 10.1109/TCC.2015.2469659

S. Hadeka and M. Scheimer, DoD Amends its DFARS Safeguarding and Cyber Incident Reporting Requirements with a Second Interim Rule, 2016.

. Bird, China introduces new cybersecurity for rules for banking procurement, 2016.

Y. Nugraha, Security Assurance Requirements Engineering (STARE) for trustworthy service level agreements, 2015 IEEE 23rd International Requirements Engineering Conference (RE), pp.398-399, 2015.
DOI : 10.1109/RE.2015.7320458

. Nugraha, An Adaptive Wideband Delphi Method to Study State Cyber-Defence Requirements, IEEE Transactions on Emerging Topics in Computing, pp.47-59, 2016.
DOI : 10.1109/TETC.2015.2389661

URL : http://doi.org/10.1109/tetc.2015.2389661

. Harrell, Data Collection Methods, 2009.

. Paul, Methods of data collection in qualitative research, Nature, p.291295, 2008.

. Mcgregor, Investigating the computer security practices and needs of journalists, 24th USENIX Security Symposium (USENIX Security 15), pp.399-414, 2015.

. Egelman, Are You Ready to Lock?, Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, CCS '14, pp.750-761, 2014.
DOI : 10.1146/annurev.eg.01.110176.003213

K. Charmaz, Constructing grounded theory, Sage, 2014.

M. Birks and J. Mills, Grounded theory: A practical guide, Sage, 2015.

. Guest, How Many Interviews Are Enough?, Field Methods, vol.22, issue.2, p.5982, 2006.
DOI : 10.1097/00007435-199501000-00003

. Pivrinta, Grounding theory from Delphi studies, International Conference on Information Systems, pp.2022-2035, 2011.

K. Howard, Educating cultural heritage information professionals for Australia's galleries, libraries, archives and museums: A grounded Delphi study, 2015.

M. Turoff, The design of a policy Delphi, In: Technological forecasting and social change, vol.2, issue.2, pp.149-171, 1970.

. Schmidt, Identifying Software Project Risks: An International Delphi Study, Journal of Management Information Systems, vol.17, issue.4, p.536, 2001.
DOI : 10.1080/07421222.2001.11045662

. Okoli, The Delphi method as a research tool, In: Information and Management, 2004.

. Delbecq, Group techniques for program planning, 1975.

C. Hsu and B. Sandford, The Delphi Technique, Encyclopedia of Research Design, p.344247, 2010.
DOI : 10.4018/978-1-4666-0074-4.ch011

A. Shostack, Threat modeling: Designing for security, 2014.