An Ontology-based Approach to the Formalization of Information Security Policies

  • Authors:
  • Fernando Naufel do Amaral;Carlos Bazilio;Geiza Maria Hamazaki da Silva;Alexandre Rademaker;Edward Hermann Haeusler

  • Affiliations:
  • TecMF, DI, PUC-Rio, Brazil;TecMF, DI, PUC-Rio, Brazil;TecMF, DI, PUC-Rio, Brazil;TecMF, DI, PUC-Rio, Brazil;TecMF, DI, PUC-Rio, Brazil

  • Venue:
  • EDOCW '06 Proceedings of the 10th IEEE on International Enterprise Distributed Object Computing Conference Workshops
  • Year:
  • 2006

Abstract

We present the structure of an ontology for Information Security (IS) and discuss a paradigm whereby it can be used to extract knowledge from natural language texts such as IS standards, security policies and security control descriptions. Besides providing a vocabulary for the IS domain, the proposed ontology stores logical forms corresponding to statements in the text, as well as a set of axioms used for inference in description logic (DL). We also describe a tool to provide automatic support for the formalization process.