An Ontology Based Information Security Requirements Engineering Framework

Cited by: 0
Authors
Chikh, Azeddine [2]
Abulaish, Muhammad [1, 3]
Nabi, Syed Irfan [1, 3, 4]
Alghathbar, Khaled [1, 2, 3]
Affiliations
[1] King Saud Univ, Ctr Excellence Informat Assurance, Riyadh, Saudi Arabia
[2] King Saud Univ, Coll Comp & Informat Sci, Riyadh, Saudi Arabia
[3] King Saud Univ, Ctr Excellence Informat Assurance, Riyadh, 11451, Saudi Arabia
[4] Inst Bus Adm, Fac Comp Sci, Karachi, Pakistan
Keywords
Information security; software requirements engineering; software requirements specification
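DOI
Not available
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract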
Software Requirement Specification (SRS) is frequently evolving to reflect requirements change during project development. Therefore, it needs enhancement to facilitate its authoring and reuse. This paper proposes a framework for building a part of SRS related to information security requirements (ISRs) using ontologies. Such a framework allows ensuring ISRs traceability and reuse. The framework uses three kinds of generic ontologies as a solution to this problem - software requirement ontology, application domain ontology, information security ontology. We propose to enhance SRS by associating the ISR with specific entities within ontologies. We aim to facilitate a semantic-based interpretation of ISRs by restricting their interpretation through the three previous ontologies. Semantic form is used to improve our ability to create, manage, and maintain ISRs. We anticipate that the proposed framework would be very helpful for requirements engineers to create and understand the ISRs.
Pages: 139 / +
Page count: 3
Related papers
50 in total
  • [1] A Novel Method: Ontology-based Security Requirements Engineering Framework
    Salini, P.
    Kanmani, S.
    [J]. FIRST INTERNATIONAL CONFERENCE ON EMERGING TRENDS IN ENGINEERING, TECHNOLOGY AND SCIENCE - ICETETS 2016, 2016,
  • [2] An ontology-based framework for modelling security requirements
    Lasheras, Joaquin
    Valencia-Garcia, Rafael
    Tomas Fernandez-Breis, Jesualdo
    Toval, Ambrosio
    [J]. WOSIS 2008: SECURITY IN INFORMATION SYSTEMS, PROCEEDINGS, 2008, : 78 - 88
  • [3] Modelling Reusable Security Requirements based on an Ontology Framework
    Lasheras, Joaquin
    Valencia-Garcia, Rafael
    Tomas Fernandez-Breis, Jesualdo
    Toval, Ambrosio
    [J]. JOURNAL OF RESEARCH AND PRACTICE IN INFORMATION TECHNOLOGY, 2009, 41 (02): : 119 - 133
  • [4] Ontology-based active requirements engineering framework
    Lee, SW
    Gandhi, RA
    [J]. 12TH ASIA-PACIFIC SOFTWARE ENGINEERING CONFERENCE, PROCEEDINGS, 2005, : 481 - 488
  • [5] Categorisation of Requirements in the Ontology-Based Framework for Employer Information Requirements (OntEIR)
    Dwairi, Shadan
    Mahdjoubi, Lamine
    [J]. BUILDINGS, 2022, 12 (11)
  • [6] SIMOnt: A Security Information Management Ontology Framework
    Abulaish, Muhammad
    Nabi, Syed Irfan
    Alghathbar, Khaled
    Chikh, Azeddine
    [J]. SECURE AND TRUST COMPUTING, DATA MANAGEMENT, AND APPLICATIONS, 2011, 186 : 201 - +
  • [7] Security requirements engineering: A framework for representation and analysis
    Haley, Charles B.
    Laney, Robin
    Moffett, Jonathan D.
    Nuseibeh, Bashar
    [J]. IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 2008, 34 (01) : 133 - 153
  • [8] Framework for Engineering Complex Security Requirements Patterns
    Mazo, Raul
    Feltus, Christophe
    [J]. 2016 6TH INTERNATIONAL CONFERENCE ON IT CONVERGENCE AND SECURITY (ICITCS 2016), 2016, : 250 - 254
  • [9] Security Requirements Engineering Framework with BPMN 2.0.2 Extension Model for Development of Information Systems
    Zareen, Saima
    Akram, Adeel
    Ahmad Khan, Shoab
    [J]. APPLIED SCIENCES-BASEL, 2020, 10 (14):
  • [10] Secure Information Systems development -: Based on a security requirements engineering process
    Mellado, Daniel
    Fernandez-Medina, Eduardo
    Piattini, Mario
    [J]. SECRYPT 2006: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY, 2006, : 467 - +