An Extended Ontology for Security Requirements
| Title | An Extended Ontology for Security Requirements |
| Publication Type | Book Chapter |
| Year of Publication | 2011 |
| Authors | Massacci, F., J. Mylopoulos, F. Paci, T. T. Tun, and Y. Yu |
| Secondary Authors | Salinesi, C., O. Pastor, W. Aalst, J. Mylopoulos, M. Rosemann, M. J. Shaw, and C. Szyperski |
| Book Title | Advanced Information Systems Engineering Workshops |
| Series Title | Lecture Notes in Business Information Processing |
| Volume | 83 |
| Pagination | 622-636 |
| Publisher | Springer Berlin Heidelberg |
| ISBN Number | 978-3-642-22056-2 |
| Abstract | Security concerns for physical, software and virtual worlds have captured the attention of researchers and the general public, thanks to a series of dramatic events during the past decade. Unsurprisingly, this has resulted in increased research activity on topics that relate to security requirements. At the very core of this activity lies the problem of determining a suitable set of concepts (aka ontology) for modeling security requirements. Many proposals for such ontologies exist in the literature. The main objective of this paper is to amalgamate and extend the security ontologies proposed in [1] and [2]. The amalgamation includes a careful comparison of primitive concepts in Problem Frames and Secure Tropos, but also offers a novel account for rather nebulous security concepts, such as those of vulnerability and threat. The new concepts are justified and related to the literature. Moreover, the paper offers a number of security requirements adopted from industrial case studies, along with their respective representation in terms of the proposed ontology. |
| Notes | 10.1007/978-3-642-22056-2_64 |
| URL | http://dx.doi.org/10.1007/978-3-642-22056-2_64 |
- Login to post comments
- XML
- BibTex
- Google Scholar
