2012
DOI: 10.1007/978-3-642-31069-0_5
|View full text |Cite
|
Sign up to set email alerts
|

Ontologies for Security Requirements: A Literature Survey and Classification

Abstract: Abstract. Despite existing methodologies in the field, most requirements engineers are poorly trained to define security requirements. This is due to a considerable lack of security knowledge. Some security ontologies have been proposed, but a gap still exists between the two fields of security requirement engineering and ontologies. This paper is a survey, it proposes an analysis and a typology of existing security ontologies and their use for requirements definition.

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
2

Citation Types

0
33
0
1

Year Published

2015
2015
2022
2022

Publication Types

Select...
6
1
1

Relationship

1
7

Authors

Journals

citations
Cited by 61 publications
(34 citation statements)
references
References 26 publications
0
33
0
1
Order By: Relevance
“…In [65] Souag et al present an analysis of existing security ontologies and their use in defining requirements. The work is part of a project that aims to improve the definition of security requirements using ontologies.…”
Section: Discussion and Related Workmentioning
confidence: 99%
See 1 more Smart Citation
“…In [65] Souag et al present an analysis of existing security ontologies and their use in defining requirements. The work is part of a project that aims to improve the definition of security requirements using ontologies.…”
Section: Discussion and Related Workmentioning
confidence: 99%
“…The literature review was adapted from Barnes [66] and Rainer & Miller [67]. Blanco et al [64] and Souag et al [65] emphasize the importance of previous literature reviews and point to the need of updates.…”
Section: Discussion and Related Workmentioning
confidence: 99%
“…11 For brevity reasons we omit most of the entity attributes. 12 A literature survey of different security requirements ontologies is given in [51]. 13 Please note that additionally also relationships between SRS in a SRS category may be possible, e.g., if a threat can be assigned to a related weakness, or if raw requirements are similar and relate to other raw requirements derived from compliance obligations.…”
Section: Discussionmentioning
confidence: 99%
“…Being "small", the ontology used affected the resulting requirements and the whole security requirements analysis process. In a previous research, several security ontologies were compared and classified [7]. The paper concluded that ontologies are good sources for security requirements engineering.…”
Section: Introductionmentioning
confidence: 97%
“…The benefits of such a security ontology would be manifold: it would help requirements engineers reporting incidents more effectively, reusing security requirements of the same domain and discussing issues together, for instance [6]. Several research studies have addressed the issue of knowledge for the field of security [7] [8]. The research presented in this paper is part of a larger ongoing research project that aims at proposing a method that exploits ontologies for security requirements engineering [9].…”
Section: Introductionmentioning
confidence: 99%