The design, instantiation, and usage of information security measuring ontology

Antti Evesti, Reijo Savola, Eila Ovaska, Jarkko Kuusijärvi

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    Abstract

    Measuring security is a complex task and requires a great deal of knowledge. Managing this knowledge and presenting it in a universal way is challenging. This paper describes the Information Security Measuring Ontology (ISMO) for measuring information security. The ontology combines existing measuring and security ontologies and instantiates it through example measures. The ontology provides a solid way to present security measures for software designers and adaptable applications. The software designer can utilise the ontology to provide an application with security measuring capability. Moreover, the adaptable application searches for measures from the ontology, in order to measure a security level in the current run-time situation. The case example illustrates the design and run-time usage of the ontology. The experiment proved that the ontology facilitates the software designer’s work, when implementing security measures for applications that are able to retrieve measures from the ontology at run-time.
    Original languageEnglish
    Title of host publicationProceedings
    Subtitle of host publicationThe Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011
    EditorsMichel Diaz, Ernesto Exposito
    PublisherInternational Academy, Research, and Industry Association IARIA
    Pages1-9
    ISBN (Print)978-1-61208-005-5
    Publication statusPublished - 2011
    MoE publication typeA4 Article in a conference publication
    EventThe second international conference on models and ontology-based design of protocols, architectures and services, MOPAS 2011 - Budapest, Hungary
    Duration: 17 Apr 201122 Apr 2011

    Conference

    ConferenceThe second international conference on models and ontology-based design of protocols, architectures and services, MOPAS 2011
    Abbreviated titleMOPAS 2011
    CountryHungary
    CityBudapest
    Period17/04/1122/04/11

    Fingerprint

    Security of data
    Ontology

    Keywords

    • run-time
    • quality
    • measure
    • security metric
    • software

    Cite this

    Evesti, A., Savola, R., Ovaska, E., & Kuusijärvi, J. (2011). The design, instantiation, and usage of information security measuring ontology. In M. Diaz, & E. Exposito (Eds.), Proceedings: The Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011 (pp. 1-9). International Academy, Research, and Industry Association IARIA.
    Evesti, Antti ; Savola, Reijo ; Ovaska, Eila ; Kuusijärvi, Jarkko. / The design, instantiation, and usage of information security measuring ontology. Proceedings: The Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011 . editor / Michel Diaz ; Ernesto Exposito. International Academy, Research, and Industry Association IARIA, 2011. pp. 1-9
    @inproceedings{0558024e037d45268882cb40f8d9e21e,
    title = "The design, instantiation, and usage of information security measuring ontology",
    abstract = "Measuring security is a complex task and requires a great deal of knowledge. Managing this knowledge and presenting it in a universal way is challenging. This paper describes the Information Security Measuring Ontology (ISMO) for measuring information security. The ontology combines existing measuring and security ontologies and instantiates it through example measures. The ontology provides a solid way to present security measures for software designers and adaptable applications. The software designer can utilise the ontology to provide an application with security measuring capability. Moreover, the adaptable application searches for measures from the ontology, in order to measure a security level in the current run-time situation. The case example illustrates the design and run-time usage of the ontology. The experiment proved that the ontology facilitates the software designer’s work, when implementing security measures for applications that are able to retrieve measures from the ontology at run-time.",
    keywords = "run-time, quality, measure, security metric, software",
    author = "Antti Evesti and Reijo Savola and Eila Ovaska and Jarkko Kuusij{\"a}rvi",
    note = "Project code: 31576",
    year = "2011",
    language = "English",
    isbn = "978-1-61208-005-5",
    pages = "1--9",
    editor = "Michel Diaz and Ernesto Exposito",
    booktitle = "Proceedings",
    publisher = "International Academy, Research, and Industry Association IARIA",
    address = "United States",

    }

    Evesti, A, Savola, R, Ovaska, E & Kuusijärvi, J 2011, The design, instantiation, and usage of information security measuring ontology. in M Diaz & E Exposito (eds), Proceedings: The Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011 . International Academy, Research, and Industry Association IARIA, pp. 1-9, The second international conference on models and ontology-based design of protocols, architectures and services, MOPAS 2011, Budapest, Hungary, 17/04/11.

    The design, instantiation, and usage of information security measuring ontology. / Evesti, Antti; Savola, Reijo; Ovaska, Eila; Kuusijärvi, Jarkko.

    Proceedings: The Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011 . ed. / Michel Diaz; Ernesto Exposito. International Academy, Research, and Industry Association IARIA, 2011. p. 1-9.

    Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

    TY - GEN

    T1 - The design, instantiation, and usage of information security measuring ontology

    AU - Evesti, Antti

    AU - Savola, Reijo

    AU - Ovaska, Eila

    AU - Kuusijärvi, Jarkko

    N1 - Project code: 31576

    PY - 2011

    Y1 - 2011

    N2 - Measuring security is a complex task and requires a great deal of knowledge. Managing this knowledge and presenting it in a universal way is challenging. This paper describes the Information Security Measuring Ontology (ISMO) for measuring information security. The ontology combines existing measuring and security ontologies and instantiates it through example measures. The ontology provides a solid way to present security measures for software designers and adaptable applications. The software designer can utilise the ontology to provide an application with security measuring capability. Moreover, the adaptable application searches for measures from the ontology, in order to measure a security level in the current run-time situation. The case example illustrates the design and run-time usage of the ontology. The experiment proved that the ontology facilitates the software designer’s work, when implementing security measures for applications that are able to retrieve measures from the ontology at run-time.

    AB - Measuring security is a complex task and requires a great deal of knowledge. Managing this knowledge and presenting it in a universal way is challenging. This paper describes the Information Security Measuring Ontology (ISMO) for measuring information security. The ontology combines existing measuring and security ontologies and instantiates it through example measures. The ontology provides a solid way to present security measures for software designers and adaptable applications. The software designer can utilise the ontology to provide an application with security measuring capability. Moreover, the adaptable application searches for measures from the ontology, in order to measure a security level in the current run-time situation. The case example illustrates the design and run-time usage of the ontology. The experiment proved that the ontology facilitates the software designer’s work, when implementing security measures for applications that are able to retrieve measures from the ontology at run-time.

    KW - run-time

    KW - quality

    KW - measure

    KW - security metric

    KW - software

    M3 - Conference article in proceedings

    SN - 978-1-61208-005-5

    SP - 1

    EP - 9

    BT - Proceedings

    A2 - Diaz, Michel

    A2 - Exposito, Ernesto

    PB - International Academy, Research, and Industry Association IARIA

    ER -

    Evesti A, Savola R, Ovaska E, Kuusijärvi J. The design, instantiation, and usage of information security measuring ontology. In Diaz M, Exposito E, editors, Proceedings: The Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011 . International Academy, Research, and Industry Association IARIA. 2011. p. 1-9