Enterprise resource planning systems: systems, life cycle, electronic commerce, and risk
Enterprise resource planning systems: systems, life cycle, electronic commerce, and risk
IEEE Security and Privacy
Collaborative knowledge capture in ontologies
Proceedings of the 3rd international conference on Knowledge capture
Information Security Fortification by Ontological Mapping of the ISO/IEC 27001 Standard
PRDC '07 Proceedings of the 13th Pacific Rim International Symposium on Dependable Computing
Formalizing information security knowledge
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
An information security ontology incorporating human-behavioural implications
Proceedings of the 2nd international conference on Security of information and networks
OntoWiki – a tool for social, semantic collaboration
ISWC'06 Proceedings of the 5th international conference on The Semantic Web
Proceedings of the 2010 workshop on New security paradigms
GROUP workshop proposal: collaboration in managing computer systems
Proceedings of the 17th ACM international conference on Supporting group work
Hi-index | 0.00 |
This paper explores the need for a collaborative development tool to allow information security experts to capture their interrelated knowledge in an ontology. Such a tool would enable organisations to make more informed security policy decisions around shared security issues. However, population of ontologies can be time-consuming and error-prone, and current collaborative ontology editing tools require a familiarity with ontology concepts. We present a Web-oriented tool which simplifies ontology population for information security experts, allowing them to develop ontology content without the need to understand ontology concepts. To understand how organisations manage information security knowledge within policies, we consulted two information security managers in large organisations. The Web-Protégé collaborative ontology editor was then modified to create a tool with an appropriate knowledge ontology structure that meets their requirements. The same information security managers then evaluated the tool, judging it to be accessible and potentially useful in policy decision-making.