An Ontology for Security Patterns

Cited by: 7
Authors
Pereira Vale, Anelis [1]
Fernandez, Eduardo B. [2]
Affiliations
[1] Univ Tecn Federico Santa Maria, Dept Informat, Valparaiso, Chile
[2] Florida Atlantic Univ, Dept Comp Sci & Engn, Boca Raton, FL 33431 USA
Keywords
ontologies; security patterns; semantics; secure software development; REQUIREMENTS
DOI
10.1109/sccc49216.2019.8966393
Chinese Library Classification number
TP301 [Theory, Methods]
Discipline classification code
081202
Abstract
Security is a fundamental requirement that we must keep in mind when developing a system. We approach the secure construction of software through the use of security patterns, as a way to mitigate their threats. We propose an ontological approach to security patterns, with the aim of adding semantics to the elements that surround security patterns. We have added ontological descriptions to pattern descriptions to make their use more precise, to allow the development of appropriate tools to present to the developer the relevant patterns in each stage and to be able to build better pattern catalogs. A final objective would be the construction of a complete catalog where each pattern includes ontological descriptions. Our contributions are (i) a representation of security patterns in the form of ontology; (ii) examples through queries on the use of the ontology and (iii) a discussion of the possible uses of this ontology for secure software development.
Pages: 8