Abstract
Measuring security is a complex task and requires a great deal of
knowledge. Managing this knowledge and presenting it in a universal way is
challenging. This paper describes the Information Security Measuring Ontology
(ISMO) for measuring information security. The ontology combines existing
measuring and security ontologies and instantiates it through example
measures. The ontology provides a solid way to present security measures for
software designers and adaptable applications. The software designer can
utilise the ontology to provide an application with security measuring
capability. Moreover, the adaptable application searches for measures from the
ontology, in order to measure a security level in the current run-time
situation. The case example illustrates the design and run-time usage of the
ontology. The experiment proved that the ontology facilitates the software
designer’s work, when implementing security measures for applications that are
able to retrieve measures from the ontology at run-time.
Original language | English |
---|---|
Title of host publication | Proceedings |
Subtitle of host publication | The Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011 |
Editors | Michel Diaz, Ernesto Exposito |
Publisher | International Academy, Research, and Industry Association IARIA |
Pages | 1-9 |
ISBN (Print) | 978-1-61208-005-5 |
Publication status | Published - 2011 |
MoE publication type | A4 Article in a conference publication |
Event | The second international conference on models and ontology-based design of protocols, architectures and services, MOPAS 2011 - Budapest, Hungary Duration: 17 Apr 2011 → 22 Apr 2011 |
Conference
Conference | The second international conference on models and ontology-based design of protocols, architectures and services, MOPAS 2011 |
---|---|
Abbreviated title | MOPAS 2011 |
Country/Territory | Hungary |
City | Budapest |
Period | 17/04/11 → 22/04/11 |
Keywords
- run-time
- quality
- measure
- security metric
- software