V. Casola, Rosario Catelli, Alessandra De Benedictis
{"title":"A First Step Towards an ISO-Based Information Security Domain Ontology","authors":"V. Casola, Rosario Catelli, Alessandra De Benedictis","doi":"10.1109/WETICE.2019.00075","DOIUrl":null,"url":null,"abstract":"The need for Information Security Management Systems (SIEMs) has increased the effort requested to companies to improve the security level of their systems and their compliance with national and international standards. Unfortunately, the existence of several different security standards to comply with and the lack of well-defined guidelines related to documents preparation and reporting, may result into a bad security management and may cause several security issues. In this paper, we introduce a modeling approach to the definition of a SIEM that leverages a double-layered ontology: it is composed of a highlevel ontology, used to model complex relations among domains, and of a low-level, domain-specific ontology, aimed at modeling the ISO 27000 family of standards.","PeriodicalId":116875,"journal":{"name":"2019 IEEE 28th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE)","volume":"49 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE 28th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WETICE.2019.00075","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3
Abstract
The need for Information Security Management Systems (SIEMs) has increased the effort requested to companies to improve the security level of their systems and their compliance with national and international standards. Unfortunately, the existence of several different security standards to comply with and the lack of well-defined guidelines related to documents preparation and reporting, may result into a bad security management and may cause several security issues. In this paper, we introduce a modeling approach to the definition of a SIEM that leverages a double-layered ontology: it is composed of a highlevel ontology, used to model complex relations among domains, and of a low-level, domain-specific ontology, aimed at modeling the ISO 27000 family of standards.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
