The complexity of modern information systems (IS) imposes novel security requirements. The ontology paradigm, in turn, aims to support knowledge sharing and reuse in an explicit and mutually agreed manner. In this paper we therefore set the foundations for establishing a knowledge-based, ontology-centric framework for the security management of an arbitrary IS. We demonstrate that linking high-level policy statements to deployable security controls is possible and that the implementation is achievable. This framework may support critical security expert activities with respect to security requirements identification and the selection of certain controls and countermeasures. In addition, we present a structured approach for establishing a security management framework and identify its critical parts. Our security ontology is represented in a neutral manner, based on well-known security standards, extending widely used information systems modeling approaches.