Ontology-based representation of reusable security requirements for developing secure web applications

Authors:
P. Salini;S. Kanmani
Affiliations:
Department of Computer Science and Engineering, Pondicherry Engineering College, Puducherry-605014, India;Department of Information Technology, Pondicherry Engineering College, Puducherry-605014, India
Venue:
International Journal of Internet Technology and Secured Transactions
Year:
2013

Citing 14
Cited 0

An ontology for secure e-government applications

ARES '06 Proceedings of the First International Conference on Availability, Reliability and Security
Building problem domain ontology from security requirements in regulatory documents

Proceedings of the 2006 international workshop on Software engineering for secure systems
Security Attack Ontology for Web Services

SKG '06 Proceedings of the Second International Conference on Semantics, Knowledge, and Grid
Ontology based IT-security planning

PRDC '06 Proceedings of the 12th Pacific Rim International Symposium on Dependable Computing
A Domain-Independent Ontology for Non-Functional Requirements

ICEBE '07 Proceedings of the IEEE International Conference on e-Business Engineering
Formalizing information security knowledge

Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Security Ontology Proposal for Mobile Applications

MDM '09 Proceedings of the 2009 Tenth International Conference on Mobile Data Management: Systems, Services and Middleware
An information security ontology incorporating human-behavioural implications

Proceedings of the 2nd international conference on Security of information and networks
Applications of Ontology in Management of Information Asset

IIH-MSP '09 Proceedings of the 2009 Fifth International Conference on Intelligent Information Hiding and Multimedia Signal Processing
Security ontology to facilitate web service description and discovery

Journal on data semantics IX
Basis for an integrated security ontology according to a systematic review of existing proposals

Computer Standards & Interfaces
Security ontology for annotating resources

OTM'05 Proceedings of the 2005 OTM Confederated international conference on On the Move to Meaningful Internet Systems: CoopIS, COA, and ODBASE - Volume Part II
Security ontology: simulating threats to corporate assets

ICISS'06 Proceedings of the Second international conference on Information Systems Security
Survey and analysis on Security Requirements Engineering

Computers and Electrical Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Security is the major issue in web applications and it should be carefully considered in all the phases of the software development life cycle. The security requirements should be elicited and analysed in the early stages of requirements engineering. They are elicited from different sources by using security requirements engineering methods. Ontology can be used as one of the sources to specify security requirements knowledge effectively, since it is a 'formal, explicit specification of shared concepts' and is reusable. But there are no standard or only primitive security requirements ontology is available for requirements engineering phase. In this paper, we proposed and created security requirements ontology for web applications. Hence, we can reuse the security requirements knowledge and specify security requirements for developing different web applications. The reusability and effectiveness of security requirements ontology are validated using querying method.