Unified and formal knowledge models of the information security domain are fundamental requirements for supporting and enhancing existing risk management approaches. This paper describes a security ontology that provides an ontological structure for information security domain knowledge. In addition to existing best-practice guidelines such as the German IT Grundschutz Manual, concrete knowledge of the organization under consideration is incorporated. An evaluation conducted by an information security expert team has shown that this knowledge model can be used to support a broad range of information security risk management approaches.