Ontology-Based Metrics Computation for System Security Assurance Evaluation

Cited by: 3
Authors
Wen, Shao-Fang [1 ]
Katt, Basel [1 ]
Affiliation
[1] Norwegian Univ Sci & Technol, Dept Informat Secur & Commun Technol, Gjovik, Norway
Keywords
System security; security assurance; quantitative approach; security metrics; ontology;
DOI
10.1080/19361610.2022.2157190
Chinese Library Classification number
DF [Law]; D9 [Law];
Discipline classification code
0301 ;
Abstract
Security assurance evaluation (SAE) is a technique that helps organizations to appraise the trust and confidence that a system can be operated correctly and securely. This paper contributes to the research on quantitative SAE by proposing an ontology-based assurance metrics computation solution, which consists of (1) a quantitative SAE approach, (2) an ontology for modeling the security assurance components and metrics, and (3) a metrics calculation engine for automatically generating metrics values. The feasibility and effectiveness of the proposed ontology-based SAE approach are examined through a preliminary ontology evaluation as well as a practical application-based evaluation.
Pages: 230 / 275
Number of pages: 46
Related papers
50 in total
  • [21] Skill Ontology-Based Model for Quality Assurance in Crowdsourcing
    El Maarry, Kinda
    Balke, Wolf-Tilo
    Cho, Hyunsouk
    Hwang, Seung-won
    Babai, Yukino
    DATABASE SYSTEMS FOR ADVANCED APPLICATIONS, DASFAA 2014, 2014, 8505 : 376 - 387
  • [22] Ontology Metrics and Evolution in the GF Framework for Ontology-Based Data Access
    Alejandro Gomez, Sergio
    Ruben Fillottrani, Pablo
    COMPUTER SCIENCE, CACIC 2021, 2022, 1584 : 237 - 253
  • [23] Intercloud Trust and Security Decision Support System: an Ontology-based Approach
    Jorge Bernal Bernabe
    Gregorio Martinez Perez
    Antonio F. Skarmeta Gomez
    Journal of Grid Computing, 2015, 13 : 425 - 456
  • [24] Intercloud Trust and Security Decision Support System: an Ontology-based Approach
    Bernal Bernabe, Jorge
    Martinez Perez, Gregorio
    Skarmeta Gomez, Antonio F.
    JOURNAL OF GRID COMPUTING, 2015, 13 (03) : 425 - 456
  • [25] Ontology-based multi-agent model of an information security system
    Gorodetski, VI
    Popyack, LJ
    Kotenko, IV
    Skormin, VA
    NEW DIRECTIONS IN ROUGH SETS, DATA MINING, AND GRANULAR-SOFT COMPUTING, 1999, 1711 : 528 - 532
  • [26] Ontology-based Negotiation of Security Requirements in Cloud
    Liccardo, Loredana
    Rak, Massimiliano
    Di Modica, Giuseppe
    Tomarchio, Orazio
    2012 FOURTH INTERNATIONAL CONFERENCE ON COMPUTATIONAL ASPECTS OF SOCIAL NETWORKS (CASON), 2012, : 192 - 197
  • [27] An ontology-based framework for modelling security requirements
    Lasheras, Joaquin
    Valencia-Garcia, Rafael
    Tomas Fernandez-Breis, Jesualdo
    Toval, Ambrosio
    WOSIS 2008: SECURITY IN INFORMATION SYSTEMS, PROCEEDINGS, 2008, : 78 - 88
  • [28] An Ontology-based LBS System
    Liu, Dong
    Chen, Junliang
    Guo, Jie
    2008 4TH INTERNATIONAL CONFERENCE ON WIRELESS COMMUNICATIONS, NETWORKING AND MOBILE COMPUTING, VOLS 1-31, 2008, : 4973 - 4976
  • [29] An Ontology-based Approach to Security Pattern Selection
    Hui Guan
    Hongji Yang
    Jun Wang
    International Journal of Automation and Computing, 2016, (02) : 168 - 182
  • [30] An Ontology-based Approach to Security Pattern Selection
    Guan, Hui
    Yang, Hongji
    Wang, Jun
    INTERNATIONAL JOURNAL OF AUTOMATION AND COMPUTING, 2016, 13 (02) : 168 - 182