The design, instantiation, and usage of information security measuring ontology

Antti Evesti, Reijo Savola, Eila Ovaska, Jarkko Kuusijärvi

    Research output: Chapter in Book/Report/Conference proceeding, Conference article in proceedings, Scientific, peer-review

    Abstract

    Measuring security is a complex task and requires a great deal of knowledge. Managing this knowledge and presenting it in a universal way is challenging. This paper describes the Information Security Measuring Ontology (ISMO) for measuring information security. The ontology combines existing measuring and security ontologies and instantiates it through example measures. The ontology provides a solid way to present security measures for software designers and adaptable applications. The software designer can utilise the ontology to provide an application with security measuring capability. Moreover, the adaptable application searches for measures from the ontology, in order to measure a security level in the current run-time situation. The case example illustrates the design and run-time usage of the ontology. The experiment proved that the ontology facilitates the software designer’s work, when implementing security measures for applications that are able to retrieve measures from the ontology at run-time.
    Original language: English
    Title of host publication: Proceedings
    Subtitle of host publication: The Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011
    Editors: Michel Diaz, Ernesto Exposito
    Publisher: International Academy, Research, and Industry Association IARIA
    Pages: 1-9
    ISBN (Print): 978-1-61208-005-5
    Publication status: Published - 2011
    MoE publication type: A4 Article in a conference publication
    Event: The second international conference on models and ontology-based design of protocols, architectures and services, MOPAS 2011 - Budapest, Hungary
    Duration: 17 Apr 2011 - 22 Apr 2011

    Conference

    Conference: The second international conference on models and ontology-based design of protocols, architectures and services, MOPAS 2011
    Abbreviated title: MOPAS 2011
    Country: Hungary
    City: Budapest
    Period: 17/04/11 - 22/04/11

    Keywords

    • run-time
    • quality
    • measure
    • security metric
    • software

  • Cite this

    Evesti, A., Savola, R., Ovaska, E., & Kuusijärvi, J. (2011). The design, instantiation, and usage of information security measuring ontology. In M. Diaz, & E. Exposito (Eds.), Proceedings: The Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011 (pp. 1-9). International Academy, Research, and Industry Association IARIA. http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.455.7331