The design, instantiation, and usage of information security measuring ontology

Antti Evesti, Reijo Savola, Eila Ovaska, Jarkko Kuusijärvi

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

Abstract

Measuring security is a complex task and requires a great deal of knowledge. Managing this knowledge and presenting it in a universal way is challenging. This paper describes the Information Security Measuring Ontology (ISMO) for measuring information security. The ontology combines existing measuring and security ontologies and instantiates it through example measures. The ontology provides a solid way to present security measures for software designers and adaptable applications. The software designer can utilise the ontology to provide an application with security measuring capability. Moreover, the adaptable application searches for measures from the ontology, in order to measure a security level in the current run-time situation. The case example illustrates the design and run-time usage of the ontology. The experiment proved that the ontology facilitates the software designer’s work, when implementing security measures for applications that are able to retrieve measures from the ontology at run-time.
Original languageEnglish
Title of host publicationProceedings
Subtitle of host publicationThe Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011
EditorsMichel Diaz, Ernesto Exposito
PublisherInternational Academy, Research, and Industry Association IARIA
Pages1-9
ISBN (Print)978-1-61208-005-5
Publication statusPublished - 2011
MoE publication typeA4 Article in a conference publication
EventThe second international conference on models and ontology-based design of protocols, architectures and services, MOPAS 2011 - Budapest, Hungary
Duration: 17 Apr 201122 Apr 2011

Conference

ConferenceThe second international conference on models and ontology-based design of protocols, architectures and services, MOPAS 2011
Abbreviated titleMOPAS 2011
CountryHungary
CityBudapest
Period17/04/1122/04/11

Fingerprint

Security of data
Ontology

Keywords

  • run-time
  • quality
  • measure
  • security metric
  • software

Cite this

Evesti, A., Savola, R., Ovaska, E., & Kuusijärvi, J. (2011). The design, instantiation, and usage of information security measuring ontology. In M. Diaz, & E. Exposito (Eds.), Proceedings: The Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011 (pp. 1-9). International Academy, Research, and Industry Association IARIA.
Evesti, Antti ; Savola, Reijo ; Ovaska, Eila ; Kuusijärvi, Jarkko. / The design, instantiation, and usage of information security measuring ontology. Proceedings: The Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011 . editor / Michel Diaz ; Ernesto Exposito. International Academy, Research, and Industry Association IARIA, 2011. pp. 1-9
@inproceedings{0558024e037d45268882cb40f8d9e21e,
title = "The design, instantiation, and usage of information security measuring ontology",
abstract = "Measuring security is a complex task and requires a great deal of knowledge. Managing this knowledge and presenting it in a universal way is challenging. This paper describes the Information Security Measuring Ontology (ISMO) for measuring information security. The ontology combines existing measuring and security ontologies and instantiates it through example measures. The ontology provides a solid way to present security measures for software designers and adaptable applications. The software designer can utilise the ontology to provide an application with security measuring capability. Moreover, the adaptable application searches for measures from the ontology, in order to measure a security level in the current run-time situation. The case example illustrates the design and run-time usage of the ontology. The experiment proved that the ontology facilitates the software designer’s work, when implementing security measures for applications that are able to retrieve measures from the ontology at run-time.",
keywords = "run-time, quality, measure, security metric, software",
author = "Antti Evesti and Reijo Savola and Eila Ovaska and Jarkko Kuusij{\"a}rvi",
note = "Project code: 31576",
year = "2011",
language = "English",
isbn = "978-1-61208-005-5",
pages = "1--9",
editor = "Michel Diaz and Ernesto Exposito",
booktitle = "Proceedings",
publisher = "International Academy, Research, and Industry Association IARIA",
address = "United States",

}

Evesti, A, Savola, R, Ovaska, E & Kuusijärvi, J 2011, The design, instantiation, and usage of information security measuring ontology. in M Diaz & E Exposito (eds), Proceedings: The Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011 . International Academy, Research, and Industry Association IARIA, pp. 1-9, The second international conference on models and ontology-based design of protocols, architectures and services, MOPAS 2011, Budapest, Hungary, 17/04/11.

The design, instantiation, and usage of information security measuring ontology. / Evesti, Antti; Savola, Reijo; Ovaska, Eila; Kuusijärvi, Jarkko.

Proceedings: The Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011 . ed. / Michel Diaz; Ernesto Exposito. International Academy, Research, and Industry Association IARIA, 2011. p. 1-9.

Research output: Chapter in Book/Report/Conference proceedingConference article in proceedingsScientificpeer-review

TY - GEN

T1 - The design, instantiation, and usage of information security measuring ontology

AU - Evesti, Antti

AU - Savola, Reijo

AU - Ovaska, Eila

AU - Kuusijärvi, Jarkko

N1 - Project code: 31576

PY - 2011

Y1 - 2011

N2 - Measuring security is a complex task and requires a great deal of knowledge. Managing this knowledge and presenting it in a universal way is challenging. This paper describes the Information Security Measuring Ontology (ISMO) for measuring information security. The ontology combines existing measuring and security ontologies and instantiates it through example measures. The ontology provides a solid way to present security measures for software designers and adaptable applications. The software designer can utilise the ontology to provide an application with security measuring capability. Moreover, the adaptable application searches for measures from the ontology, in order to measure a security level in the current run-time situation. The case example illustrates the design and run-time usage of the ontology. The experiment proved that the ontology facilitates the software designer’s work, when implementing security measures for applications that are able to retrieve measures from the ontology at run-time.

AB - Measuring security is a complex task and requires a great deal of knowledge. Managing this knowledge and presenting it in a universal way is challenging. This paper describes the Information Security Measuring Ontology (ISMO) for measuring information security. The ontology combines existing measuring and security ontologies and instantiates it through example measures. The ontology provides a solid way to present security measures for software designers and adaptable applications. The software designer can utilise the ontology to provide an application with security measuring capability. Moreover, the adaptable application searches for measures from the ontology, in order to measure a security level in the current run-time situation. The case example illustrates the design and run-time usage of the ontology. The experiment proved that the ontology facilitates the software designer’s work, when implementing security measures for applications that are able to retrieve measures from the ontology at run-time.

KW - run-time

KW - quality

KW - measure

KW - security metric

KW - software

M3 - Conference article in proceedings

SN - 978-1-61208-005-5

SP - 1

EP - 9

BT - Proceedings

A2 - Diaz, Michel

A2 - Exposito, Ernesto

PB - International Academy, Research, and Industry Association IARIA

ER -

Evesti A, Savola R, Ovaska E, Kuusijärvi J. The design, instantiation, and usage of information security measuring ontology. In Diaz M, Exposito E, editors, Proceedings: The Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011 . International Academy, Research, and Industry Association IARIA. 2011. p. 1-9