分析信息安全风险本体

Int. J. Syst. Softw. Secur. Prot. Pub Date : 2020-01-01 DOI:10.4018/ijsssp.2020010101

Ines Meriah, Latifa Ben Arfa Rabai

{"title":"分析信息安全风险本体","authors":"Ines Meriah, Latifa Ben Arfa Rabai","doi":"10.4018/ijsssp.2020010101","DOIUrl":null,"url":null,"abstract":"This research work presents existing security ontologies and identifies relevant security ontology requirements in information systems. Moreover, it proposes a new classification of security ontologies in which, two main families, namely ontologies-based security standards and ontologies-based security risk assessment, are defined. For each family, a set of related research works is selected and a thorough description of their security ontologies is presented. The purpose of this analysis is to identify security ontology requirements as well as ontological characteristics for each study in order to help a security decision maker to select an ontology based off of their security risks and requirements as well as their needed security models and standards. By selecting the appropriate ontology, security stakeholders support security compliance and risk assessment in an enterprise.","PeriodicalId":135841,"journal":{"name":"Int. J. Syst. Softw. Secur. Prot.","volume":"9 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Analysing Information Security Risk Ontologies\",\"authors\":\"Ines Meriah, Latifa Ben Arfa Rabai\",\"doi\":\"10.4018/ijsssp.2020010101\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"This research work presents existing security ontologies and identifies relevant security ontology requirements in information systems. Moreover, it proposes a new classification of security ontologies in which, two main families, namely ontologies-based security standards and ontologies-based security risk assessment, are defined. For each family, a set of related research works is selected and a thorough description of their security ontologies is presented. The purpose of this analysis is to identify security ontology requirements as well as ontological characteristics for each study in order to help a security decision maker to select an ontology based off of their security risks and requirements as well as their needed security models and standards. By selecting the appropriate ontology, security stakeholders support security compliance and risk assessment in an enterprise.\",\"PeriodicalId\":135841,\"journal\":{\"name\":\"Int. J. Syst. Softw. Secur. Prot.\",\"volume\":\"9 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2020-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Int. J. Syst. Softw. Secur. Prot.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.4018/ijsssp.2020010101\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Int. J. Syst. Softw. Secur. Prot.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/ijsssp.2020010101","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

本研究提出了现有的安全本体，并确定了信息系统中相关的安全本体需求。提出了一种新的安全本体分类方法，定义了基于本体的安全标准和基于本体的安全风险评估两大类。对于每个家庭，选择了一组相关的研究工作，并对其安全本体进行了全面的描述。此分析的目的是确定每个研究的安全本体论需求和本体论特征，以帮助安全决策者根据其安全风险和需求以及所需的安全模型和标准选择本体。通过选择适当的本体，安全涉众支持企业中的安全遵从性和风险评估。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Analysing Information Security Risk Ontologies

This research work presents existing security ontologies and identifies relevant security ontology requirements in information systems. Moreover, it proposes a new classification of security ontologies in which, two main families, namely ontologies-based security standards and ontologies-based security risk assessment, are defined. For each family, a set of related research works is selected and a thorough description of their security ontologies is presented. The purpose of this analysis is to identify security ontology requirements as well as ontological characteristics for each study in order to help a security decision maker to select an ontology based off of their security risks and requirements as well as their needed security models and standards. By selecting the appropriate ontology, security stakeholders support security compliance and risk assessment in an enterprise.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Int. J. Syst. Softw. Secur. Prot.

自引率

0.00%

发文量

期刊最新文献

A Light Weight Temper Resistance Client File in an External Memory for Remote User Authentication and Access Control Proposed Secure 3-Use Case Diagram A Novel Iterated Function System-Based Model for Coloured Image Encryption Formal Metamodeling for Secure Model-Driven Engineering Cloud Computing Virtual Machine Workload Prediction Method Based on Variational Autoencoder