The design, instantiation, and usage of information security measuring ontology

Antti Evesti; Reijo Savola; Eila Ovaska; Jarkko Kuusijärvi

The design, instantiation, and usage of information security measuring ontology

Antti Evesti, Reijo Savola, Eila Ovaska, Jarkko Kuusijärvi

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

Abstract

Measuring security is a complex task and requires a great deal of knowledge. Managing this knowledge and presenting it in a universal way is challenging. This paper describes the Information Security Measuring Ontology (ISMO) for measuring information security. The ontology combines existing measuring and security ontologies and instantiates it through example measures. The ontology provides a solid way to present security measures for software designers and adaptable applications. The software designer can utilise the ontology to provide an application with security measuring capability. Moreover, the adaptable application searches for measures from the ontology, in order to measure a security level in the current run-time situation. The case example illustrates the design and run-time usage of the ontology. The experiment proved that the ontology facilitates the software designer’s work, when implementing security measures for applications that are able to retrieve measures from the ontology at run-time.

Original language	English
Title of host publication	Proceedings
Subtitle of host publication	The Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011
Editors	Michel Diaz, Ernesto Exposito
Publisher	International Academy, Research, and Industry Association IARIA
Pages	1-9
ISBN (Print)	978-1-61208-005-5
Publication status	Published - 2011
MoE publication type	A4 Article in a conference publication
Event	The second international conference on models and ontology-based design of protocols, architectures and services, MOPAS 2011 - Budapest, Hungary Duration: 17 Apr 2011 → 22 Apr 2011

Conference

Conference	The second international conference on models and ontology-based design of protocols, architectures and services, MOPAS 2011
Abbreviated title	MOPAS 2011
Country/Territory	Hungary
City	Budapest
Period	17/04/11 → 22/04/11

Keywords

run-time
quality
measure
security metric
software

Access to Document

http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.455.7331

Cite this

Evesti, A., Savola, R., Ovaska, E., & Kuusijärvi, J. (2011). The design, instantiation, and usage of information security measuring ontology. In M. Diaz, & E. Exposito (Eds.), Proceedings: The Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011 (pp. 1-9). International Academy, Research, and Industry Association IARIA. http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.455.7331

Evesti, Antti ; Savola, Reijo ; Ovaska, Eila et al. / The design, instantiation, and usage of information security measuring ontology. Proceedings: The Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011 . editor / Michel Diaz ; Ernesto Exposito. International Academy, Research, and Industry Association IARIA, 2011. pp. 1-9

@inproceedings{0558024e037d45268882cb40f8d9e21e,

title = "The design, instantiation, and usage of information security measuring ontology",

abstract = "Measuring security is a complex task and requires a great deal of knowledge. Managing this knowledge and presenting it in a universal way is challenging. This paper describes the Information Security Measuring Ontology (ISMO) for measuring information security. The ontology combines existing measuring and security ontologies and instantiates it through example measures. The ontology provides a solid way to present security measures for software designers and adaptable applications. The software designer can utilise the ontology to provide an application with security measuring capability. Moreover, the adaptable application searches for measures from the ontology, in order to measure a security level in the current run-time situation. The case example illustrates the design and run-time usage of the ontology. The experiment proved that the ontology facilitates the software designer{\textquoteright}s work, when implementing security measures for applications that are able to retrieve measures from the ontology at run-time.",

keywords = "run-time, quality, measure, security metric, software",

author = "Antti Evesti and Reijo Savola and Eila Ovaska and Jarkko Kuusij{\"a}rvi",

note = "Project code: 31576; The second international conference on models and ontology-based design of protocols, architectures and services, MOPAS 2011, MOPAS 2011 ; Conference date: 17-04-2011 Through 22-04-2011",

year = "2011",

language = "English",

isbn = "978-1-61208-005-5",

pages = "1--9",

editor = "Michel Diaz and Ernesto Exposito",

booktitle = "Proceedings",

publisher = "International Academy, Research, and Industry Association IARIA",

address = "United States",

}

Evesti, A, Savola, R, Ovaska, E & Kuusijärvi, J 2011, The design, instantiation, and usage of information security measuring ontology. in M Diaz & E Exposito (eds), Proceedings: The Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011 . International Academy, Research, and Industry Association IARIA, pp. 1-9, The second international conference on models and ontology-based design of protocols, architectures and services, MOPAS 2011, Budapest, Hungary, 17/04/11. <http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.455.7331>

The design, instantiation, and usage of information security measuring ontology. / Evesti, Antti; Savola, Reijo; Ovaska, Eila et al.
Proceedings: The Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011 . ed. / Michel Diaz; Ernesto Exposito. International Academy, Research, and Industry Association IARIA, 2011. p. 1-9.

Research output: Chapter in Book/Report/Conference proceeding › Conference article in proceedings › Scientific › peer-review

TY - GEN

T1 - The design, instantiation, and usage of information security measuring ontology

AU - Evesti, Antti

AU - Savola, Reijo

AU - Ovaska, Eila

AU - Kuusijärvi, Jarkko

N1 - Project code: 31576

PY - 2011

Y1 - 2011

N2 - Measuring security is a complex task and requires a great deal of knowledge. Managing this knowledge and presenting it in a universal way is challenging. This paper describes the Information Security Measuring Ontology (ISMO) for measuring information security. The ontology combines existing measuring and security ontologies and instantiates it through example measures. The ontology provides a solid way to present security measures for software designers and adaptable applications. The software designer can utilise the ontology to provide an application with security measuring capability. Moreover, the adaptable application searches for measures from the ontology, in order to measure a security level in the current run-time situation. The case example illustrates the design and run-time usage of the ontology. The experiment proved that the ontology facilitates the software designer’s work, when implementing security measures for applications that are able to retrieve measures from the ontology at run-time.

AB - Measuring security is a complex task and requires a great deal of knowledge. Managing this knowledge and presenting it in a universal way is challenging. This paper describes the Information Security Measuring Ontology (ISMO) for measuring information security. The ontology combines existing measuring and security ontologies and instantiates it through example measures. The ontology provides a solid way to present security measures for software designers and adaptable applications. The software designer can utilise the ontology to provide an application with security measuring capability. Moreover, the adaptable application searches for measures from the ontology, in order to measure a security level in the current run-time situation. The case example illustrates the design and run-time usage of the ontology. The experiment proved that the ontology facilitates the software designer’s work, when implementing security measures for applications that are able to retrieve measures from the ontology at run-time.

KW - run-time

KW - quality

KW - measure

KW - security metric

KW - software

M3 - Conference article in proceedings

SN - 978-1-61208-005-5

SP - 1

EP - 9

BT - Proceedings

A2 - Diaz, Michel

A2 - Exposito, Ernesto

PB - International Academy, Research, and Industry Association IARIA

T2 - The second international conference on models and ontology-based design of protocols, architectures and services, MOPAS 2011

Y2 - 17 April 2011 through 22 April 2011

ER -

Evesti A, Savola R, Ovaska E, Kuusijärvi J. The design, instantiation, and usage of information security measuring ontology. In Diaz M, Exposito E, editors, Proceedings: The Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services, MOPAS 2011 . International Academy, Research, and Industry Association IARIA. 2011. p. 1-9

The design, instantiation, and usage of information security measuring ontology

Abstract

Conference

Keywords

Access to Document

Fingerprint

Cite this