Extendable Safety and Security Ontology

• Autorzy: Tomasz Boiński , Piotr Orłowski , Henryk Krawczyk

Warianty tytułu

Uniwersalna ontologia bezpieczeństwa

• Języki publikacji: EN

Abstrakty

EN

Security plays an increasingly important role in our everyday life, and researchers and users of computer systems point out that the need arises for a common, formalised model capable of integrating different solutions. In this paper we show that an ontology can be designed and created in a way that will make it suitable for interoperability and integration. A security and safety ontology and the methodology for creating a common model allowing future expandability and reuse are considered. Such interoperable ontologies can be easily integrated with current and future solutions and provide principles for increasing system interoperability. (original abstract)

Bezpieczeństwo odgrywa coraz bardziej istotną rolę w naszym codziennym życiu. Użytkownicy systemów komputerowych wskazują więc na potrzebę utworzenia jednego, wspólnego i sformalizowanego modelu integrujących wiele opisów i definicji bezpieczeństwa. Celem artykułu jest zaprezentowanie ontologii bezpieczeństwa zaprojektowanej i zaimplementowanej w sposób umożliwiający jej przyszłą rozbudowę i integrację z innymi rozwiązaniami. Zaprezentowano zarówno samą ontologię bezpieczeństwa jak i metodologię jej wytwarzania. Zaprezentowana metodlogia bazuje na pryncypiach uniwersalności, co pozwala na jej zastosowanie w celu integracji i rozbudowy zarówno obecnych jak i przyszłych systemów. (abstrakt oryginalny)

Słowa kluczowe

EN

Ontology; Security

PL

Ontologia; Bezpieczeństwo

• Czasopismo: Studia i Materiały Polskiego Stowarzyszenia Zarządzania Wiedzą
• Rocznik: 2012
• Tom: 60
• Strony: 16--29

Twórcy

autor

Tomasz Boiński

• Gdańsk University of Technology

autor

Piotr Orłowski

• Gdansk University of Technology

autor

Henryk Krawczyk

• Gdansk University of Technology

Bibliografia

• [1] Anderson R. Security engineering, Wydawnictwo Naukowo Techniczne, 2005.
• [2] Avizienis, A., Laprie, J.C., Randell, B., and Landwehr, C. Basic concepts and taxonomy of dependable and secure computing. Dependable and Secure Computing, IEEE Transactions on, 1(1):11-33, 2004.
• [3] Boiński, T. Procedures for merging and alignment of domain ontologies, PhD Thesis [in Polish]. Faculty of Electronics, Telecommunications and Informatics, Gdansk University of Technology, 2012.
• [4] Boiński, T., Orłowski, P., Szymański, J., and Krawczyk, H. Security ontology construction and integration. In Proceedings of KEOD2011 of the 3nd International Joint Conference on Knowledge Discovery, Knowledge Engineering and Knowledge Management, pp. 369- 374. INSTICC, 2011.
• [5] De Nicola, A., Missikoff, M., and Navigli, R. A software engineering approach to ontology building. Information Systems, 34(2): 258-275, 2009.
• [6] Donner, M. Toward a security ontology. IEEE Security & Privacy, pp. 6-7, 2003.
• [7] ENISA. Risk management: implementation principles and inventories for risk management/risk assessment methods and tools. Technical report, 2006.
• [8] Enisa. Enisa: a European Union Agency - Glossary of Risk Management. 2010.
• [9] Fenz, S., Pruckner, T., and Manutscheri, A. Ontological mapping of information security best-practice guidelines. In Business Information Systems, pp. 49-60. Springer, 2009.
• [10] Firesmith, D.G. A Taxonomy of safety-related requirements. In International Workshop on High Assurance Systems (RHAS'05), 2005.
• [11] Firesmith, D.G. A taxonomy of security-related requirements. In International Workshop on High Assurance Systems (RHAS'05). Citeseer, 2005.
• [12] Guttman, B. and Roback, E.A. An introduction to computer security: the NIST handbook. DIANE Publishing, 1995.
• [13] Herzog, A., Shahmehri, N., and Duma, C. An ontology of information security. 2009.
• [14] International Atomic Energy Agency (2007). IAEA Safety Glossary Terminology Used in Nuclear Safety and Radiation Protection [Online]. Available at: http://wwwpub.iaea.org/MTCD/publications/PDF/Pub1290_web.pdf.
• [15] ISO/IEC (2004). Information technology - Security techniques - Management of information and communications technology security - Part 1: Concepts and models for information and communications technology security management [Online]. Available at: http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=39066.
• [16] Jian, N., Hu, W., Cheng, G., and Qu, Q. Falcon-AO: Aligning ontologies with Falcon. In Integrating Ontologies Workshop Proceedings, p. 85. Citeseer, 2005.
• [17] Kim, A., Luo, J., and Kang, M. Security ontology for annotating resources. On the Move to Meaningful Internet Systems 2005: CoopIS, DOA, and ODBASE, pp. 1483-1499, 2005.
• [18] Knublauch, H. Protégé-owl api programmer's guide. 2009.
• [19] Knublauch, H., Fergerson, R.W., Noy, N.F., and Musen, M.A. The Protégé OWL plugin: An open development environment for semantic web applications. The Semantic Web-ISWC 2004, pp. 229-243, 2004.
• [20] Krawczyk, H. Ontology engineering and its applications. Department of Computer System Architecture, ETI Faculty, Gdańsk University of Technology, 2007.
• [21] Noy, N.F., McGuinness, D.L., et al. Ontology development 101: A guide to creating your first ontology, 2001.
• [22] ontologydesignpatterns.org (2011). Ontology Design Patterns [Online]. Available at: http://ontologydesignpatterns.org/wiki/Main_Page.
• [23] Schober, D., et al. Towards naming conventions for use in controlled vocabulary and ontology engineering. Proceedings of BioOntologies SIG, ISMB07, pp. 29-32, 2007.
• [24] Schuemacher, M. Security engineering with patterns: origins, theoretical model, and new applications. Springer-Verlag, 2003.
• [25] Sommerville, I. Software Engineering. 8th. Harlow, UK: Addison-Wesley, 2006.
• [26] Suárez-Figueroa, M., Gómez-Pérez, A., and Villazón-Terrazas, B. How to write and use the Ontology Requirements Specification Document. On the Move to Meaningful Internet Systems: OTM 2009, pp. 966-982, 2009.
• [27] Suárez-Figueroa, M.C. et al. (2009), D5. 4.2: Revision and extension of the neon methodology for building contextualized ontology networks. [Online]. Available at: http://www.neon-project. Org.
• [28] Sure, Y., Staab, S. and Studer, R. Handbook on Ontologies. 2009.
• [29] Tartir, S. Ontology-driven question answering and ontology quality evaluation. 2009.
• [30] W3C, Heflin, J. (2004), OWL Web Ontology Language Use Cases and Requirements [Online]. Available at: http://www.w3.org/TR/webont-req/.