An Ontology of Information Security

Herzog, Almut; Shahmehri, Nahid; Duma, Claudiu

doi:10.4018/jisp.2007100101

Cited by 154 publications

(102 citation statements)

References 36 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In [8] an information security ontology in OWL is presented by Herzog et al. This work is aimed at modeling the main concepts of the domain.…”

Section: Surveymentioning

confidence: 99%

“…The authors propose an ontology aimed to cover a larger number of standards. The authors mapped papers Herzog et al [8] and Fenz, Pruckner, & Manutscheri [57] with the standards ISO 27001 [58], PCI DSS [59], ISSA 5173 [60] and NISTIR 7621 [61].…”

Section: Surveymentioning

confidence: 99%

“…Table 1 presents the keywords and the search string. [11]; [12]; [13]; [14]; [15,16]; [17]; [18]; [19]; [20]; [21]; [22]; [23]; [24]; [25]; [26]; [27]; [28]; [29]; [30]; [31]; [32]; [33]; [34]; [35]; [36]; [37]; [38]; [39]; [40]; [41]; [42]; [43]; [44]; [45]; [44]; [8]; [46]; [47]. Generic and abstract proposals (Top-Level Ontologies) can be found in [48], [3], [49], [50], and [51].…”

Section: Surveymentioning

confidence: 99%

“…Furthermore, an ontology can be used to reason (provide inferences) about relationships between entities [8].…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

A Survey of Security Assessment Ontologies

Rosa¹,

Jino²

2017

Advances in Intelligent Systems and Computing

View full text Add to dashboard Cite

Abstract.A literature survey on ontologies concerning the Security Assessment domain has been carried out to uncover initiatives that aim at formalizing concepts from the "Security Assessment" field of research. A preliminary analysis and a discussion on the selected works are presented. Our main contribution is an updated literature review, describing key characteristics, results, research issues, and application domains of the papers. We have also detected gaps in the Security Assessment literature that could be the subject of further studies in the field. This work is meant to be useful for security researchers who wish to adopt a formal approach in their methods.

show abstract

“…In [8] an information security ontology in OWL is presented by Herzog et al. This work is aimed at modeling the main concepts of the domain.…”

Section: Surveymentioning

confidence: 99%

Section: Surveymentioning

confidence: 99%

Section: Surveymentioning

confidence: 99%

“…Furthermore, an ontology can be used to reason (provide inferences) about relationships between entities [8].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Survey of Security Assessment Ontologies

Rosa¹,

Jino²

2017

Advances in Intelligent Systems and Computing

View full text Add to dashboard Cite

show abstract

“…In recent years, research in computer security has seen an increase in the use of ontologies. For example, ontologies have been applied to the areas of information security (common security vocabulary) [24], security management (threats, vulnerabilities and countermeasures) [17], access control [15], policy management [25] and trust management [33]. The decentralized Semantic Threat Graphs (ontology fragments) are implemented in OWL-DL, a language subset of OWL which is a W3C standard that includes Description Logic reasoning semantics [30].…”

Section: Introductionmentioning

confidence: 99%

Decentralized Semantic Threat Graphs

Foley

Fitzgerald

2012

Data and Applications Security and Privacy XXVI

View full text Add to dashboard Cite

Abstract. Threat knowledge-bases such as those maintained by MITRE and NIST provide a basis with which to mitigate known threats to an enterprise. These centralised knowledge-bases assume a global and uniform level of trust for all threat and countermeasure knowledge. However, in practice these knowledge-bases are composed of threats and countermeasures that originate from a number of threat providers, for example Bugtraq. As a consequence, threat knowledge consumers may only wish to trust knowledge about threats and countermeasures that have been provided by a particular provider or set of providers. In this paper, a trust management approach is taken with respect to threat knowledge-bases. This provides a basis with which to decentralize and delegate trust for knowledge about threats and their mitigation to one or more providers. Threat knowledge-bases are encoded as Semantic Threat Graphs. An ontology-based delegation scheme is proposed to manage trust across a model of distributed Semantic Threat Graph knowledge-bases.

show abstract

Security Ontologies: An Investigation of Pitfall Rate

Patel¹,

Debnath²

2022

Data Science With Semantic Technologies

View full text Add to dashboard Cite

An Ontology of Information Security

Cited by 154 publications

References 36 publications

A Survey of Security Assessment Ontologies

A Survey of Security Assessment Ontologies

Decentralized Semantic Threat Graphs

Security Ontologies: An Investigation of Pitfall Rate

Contact Info

Product

Resources

About