Paper Info
Title
An ontology-based approach to information systems security management
Abstract
Complexity of modern information systems (IS), impose novel security requirements. On the other hand, the ontology paradigm aims to support knowledge sharing and reuse in an explicit and mutually agreed manner. Therefore, in this paper we set the foundations for establishing a knowledge-based, ontology-centric framework with respect to the security management of an arbitrary IS. We demonstrate that the linking between high-level policy statements and deployable security controls is possible and the implementation is achievable. This framework may support critical security expert activities with respect to security requirements identification and selection of certain controls and countermeasures. In addition, we present a structured approach for establishing a security management framework and identify its critical parts. Our security ontology is being represented in a neutral manner, based on well-known security standards, extending widely used information systems modeling approaches.
Year
DOI
Venue
2005
10.1007/11560326_12
MMM-ACNS
Keywords
Field
DocType
ontology-based approach,security management,well-known security standard,deployable security control,ontology-centric framework,security ontology,novel security requirement,information systems security management,security requirements identification,critical part,security management framework,critical security expert activity,knowledge base,security policy,information system
Security convergence,Security testing,Security controls,Computer security,Computer science,Security service,Cloud computing security,Security information and event management,Computer security model,Security management
Conference
Volume
ISSN
ISBN
3685
0302-9743
3-540-29113-X
Citations 
PageRank 
References 
13
1.33
17
Authors
3
Name
Order
Citations
PageRank
Bill Tsoumas11479.61
Stelios Dritsas213911.96
Dimitris Gritzalis395599.85