Home // MOPAS 2011, The Second International Conference on Models and Ontology-based Design of Protocols, Architectures and Services // View article

The Design, Instantiation, and Usage of Information Security Measuring Ontology

Authors:
Antti Evesti
Reijo Savola
Eila Ovaska
Jarkko Kuusijärvi

Keywords: adaptation, run-time, quality, measure, security metric, software

Abstract:
Measuring security is a complex task and requires a great deal of knowledge. Managing this knowledge and presenting it in a universal way is challenging. This paper describes the Information Security Measuring Ontology (ISMO) for measuring information security. The ontology combines existing measuring and security ontologies and instantiates it through example measures. The ontology provides a solid way to present security measures for software designers and adaptable applications. The software designer can utilise the ontology to provide an application with security measuring capability. Moreover, the adaptable application searches for measures from the ontology, in order to measure a security level in the current run-time situation. The case example illustrates the design and run-time usage of the ontology. The experiment proved that the ontology facilitates the software designer’s work, when implementing security measures for applications that are able to retrieve measures from the ontology at run-time.

Pages: 1 to 9

Copyright: Copyright (c) IARIA, 2011

Publication date: April 17, 2011

Published in: conference

ISBN: 978-1-61208-130-4

Location: Budapest, Hungary

Dates: from April 17, 2011 to April 22, 2011