The IRMA Community
Newsletters
Research IRM
Click a keyword to search titles using our InfoSci-OnDemand powered search:
|
An Ontology of Information Security
Abstract
We present a publicly available, OWL-based ontology of information security which models assets, threats, vulnerabilities, countermeasures and their relations. The ontology can be used as a general vocabulary, roadmap, and extensible dictionary of the domain of information security. With its help, users can agree on a common language and definition of terms and relationships. In addition to browsing for information, the ontology is also useful for reasoning about relationships between its entities, for example, threats and countermeasures. The ontology helps answer questions like: Which countermeasures detect or prevent the violation of integrity of data? Which assets are protected by SSH? Which countermeasures thwart buffer overflow attacks? At the moment, the ontology comprises 88 threat classes, 79 asset classes, 133 countermeasure classes and 34 relations between those classes. We provide the means for extending the ontology, and provide examples of the extendibility with the countermeasure classes ‘memory protection’ and ‘source code analysis’. This article describes the content of the ontology as well as its usages, potential for extension, technical implementation and tools for working with it.
Related Content
Zhiqiang Wu.
© 2024.
15 pages.
|
Musa Ugbedeojo, Marion O. Adebiyi, Oluwasegun Julius Aroba, Ayodele Ariyo Adebiyi.
© 2024.
27 pages.
|
.
© 2024.
|
Dongyan Zhang, Lili Zhang, Zhiyong Zhang, Zhongya Zhang.
© 2024.
19 pages.
|
Zhen Gu, Guoyin Zhang.
© 2023.
15 pages.
|
Sabrine Ennaji, Nabil El Akkad, Khalid Haddouch.
© 2023.
17 pages.
|
Mallanagouda Biradar, Basavaraj Mathapathi.
© 2023.
18 pages.
|
|
|