A Security Ontology with MDA for Software Development

2013 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery Pub Date : 2013-10-10 DOI:10.1109/CyberC.2013.20

Wentao Kang, Ying Liang

{"title":"A Security Ontology with MDA for Software Development","authors":"Wentao Kang, Ying Liang","doi":"10.1109/CyberC.2013.20","DOIUrl":null,"url":null,"abstract":"It is found that current ontologies for security often emphasize the security concerns and concepts without their involvement in each of stages of a software development process. This means that the security concerns and concepts will not be actually considered throughout the development process. This leads a lack of approaches to involving security concerns and concepts throughout the development process. In order to overcome the lack, a new security ontology for software development has been defined together with MDA that has been used in software development so that security concerns and concepts can play a role in each of stages of the development process and be included as security components in software. This paper will firstly introduce this new ontology and its semantics, then show how to use it in the development process in terms of four case studies. The results of the case studies have proven that the proposed security ontology could be useful in modeling and design of security concerns and concepts at each of stages of the development process with MDA.","PeriodicalId":133756,"journal":{"name":"2013 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery","volume":"70 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"26","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CyberC.2013.20","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 26

Abstract

It is found that current ontologies for security often emphasize the security concerns and concepts without their involvement in each of stages of a software development process. This means that the security concerns and concepts will not be actually considered throughout the development process. This leads a lack of approaches to involving security concerns and concepts throughout the development process. In order to overcome the lack, a new security ontology for software development has been defined together with MDA that has been used in software development so that security concerns and concepts can play a role in each of stages of the development process and be included as security components in software. This paper will firstly introduce this new ontology and its semantics, then show how to use it in the development process in terms of four case studies. The results of the case studies have proven that the proposed security ontology could be useful in modeling and design of security concerns and concepts at each of stages of the development process with MDA.

查看原文本刊更多论文

基于MDA的软件开发安全本体

研究发现，当前的安全本体经常强调安全问题和概念，而不涉及软件开发过程的每个阶段。这意味着在整个开发过程中实际上不会考虑安全问题和概念。这导致在整个开发过程中缺乏涉及安全问题和概念的方法。为了克服这一缺陷，一个新的软件开发安全本体与软件开发中使用的MDA一起被定义，这样安全关注和概念就可以在开发过程的每个阶段发挥作用，并作为软件中的安全组件被包括在内。本文将首先介绍这个新的本体及其语义，然后通过四个案例说明如何在开发过程中使用它。案例研究的结果已经证明，建议的安全本体在MDA开发过程的每个阶段的安全关注点和概念的建模和设计中是有用的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2013 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery

自引率

0.00%

发文量