Ontology-based security modeling in ArchiMate

IF 2 3区计算机科学 Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING

Software and Systems Modeling Pub Date : 2024-02-16 DOI:10.1007/s10270-024-01149-1

Ítalo Oliveira, Tiago Prince Sales, João Paulo A. Almeida, Riccardo Baratella, Mattia Fumagalli, Giancarlo Guizzardi

{"title":"Ontology-based security modeling in ArchiMate","authors":"Ítalo Oliveira, Tiago Prince Sales, João Paulo A. Almeida, Riccardo Baratella, Mattia Fumagalli, Giancarlo Guizzardi","doi":"10.1007/s10270-024-01149-1","DOIUrl":null,"url":null,"abstract":"Enterprise Risk Management involves the process of identification, evaluation, treatment, and communication regarding risks throughout the enterprise. To support the tasks associated with this process, several frameworks and modeling languages have been proposed, such as the Risk and Security Overlay (RSO) of ArchiMate. An ontological investigation of this artifact would reveal its adequacy, capabilities, and limitations w.r.t. the domain of risk and security. Based on that, a language redesign can be proposed as a refinement. Such analysis and redesign have been executed for the risk elements of the RSO grounded in the Common Ontology of Value and Risk. The next step along this line of research is to address the following research problems: What would be the outcome of an ontological analysis of security-related elements of the RSO? That is, can we identify other semantic deficiencies in the RSO through an ontological analysis? Once such an analysis is provided, can we redesign the security elements of the RSO accordingly, in order to produce an improved artifact? Here, with the aid of the Reference Ontology for Security Engineering (ROSE) and the ontological theory of prevention behind it, we address the remaining gap by proceeding with an ontological analysis of the security-related constructs of the RSO. The outcome of this assessment is an ontology-based redesign of the ArchiMate language regarding security modeling. In a nutshell, we report the following contributions: (1) an ontological analysis of the RSO that identifies six limitations concerning security modeling; (2) because of the key role of the notion of prevention in security modeling, the introduction of the ontological theory of prevention in ArchiMate; (3) a well-founded redesign of security elements of ArchiMate; and (4) ontology-based security modeling patterns that are logical consequences of our proposal of redesign due to its underlying ontology of security. As a form of evaluation, we show that our proposal can describe risk treatment options, according to ISO 31000. Finally, besides presenting multiple examples, we proceed with a real-world illustrative application taken from the cybersecurity domain.\n","PeriodicalId":49507,"journal":{"name":"Software and Systems Modeling","volume":"30 1","pages":""},"PeriodicalIF":2.0000,"publicationDate":"2024-02-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Software and Systems Modeling","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1007/s10270-024-01149-1","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}

引用次数: 0

Abstract

Enterprise Risk Management involves the process of identification, evaluation, treatment, and communication regarding risks throughout the enterprise. To support the tasks associated with this process, several frameworks and modeling languages have been proposed, such as the Risk and Security Overlay (RSO) of ArchiMate. An ontological investigation of this artifact would reveal its adequacy, capabilities, and limitations w.r.t. the domain of risk and security. Based on that, a language redesign can be proposed as a refinement. Such analysis and redesign have been executed for the risk elements of the RSO grounded in the Common Ontology of Value and Risk. The next step along this line of research is to address the following research problems: What would be the outcome of an ontological analysis of security-related elements of the RSO? That is, can we identify other semantic deficiencies in the RSO through an ontological analysis? Once such an analysis is provided, can we redesign the security elements of the RSO accordingly, in order to produce an improved artifact? Here, with the aid of the Reference Ontology for Security Engineering (ROSE) and the ontological theory of prevention behind it, we address the remaining gap by proceeding with an ontological analysis of the security-related constructs of the RSO. The outcome of this assessment is an ontology-based redesign of the ArchiMate language regarding security modeling. In a nutshell, we report the following contributions: (1) an ontological analysis of the RSO that identifies six limitations concerning security modeling; (2) because of the key role of the notion of prevention in security modeling, the introduction of the ontological theory of prevention in ArchiMate; (3) a well-founded redesign of security elements of ArchiMate; and (4) ontology-based security modeling patterns that are logical consequences of our proposal of redesign due to its underlying ontology of security. As a form of evaluation, we show that our proposal can describe risk treatment options, according to ISO 31000. Finally, besides presenting multiple examples, we proceed with a real-world illustrative application taken from the cybersecurity domain.

Abstract Image

查看原文本刊更多论文

ArchiMate 中基于本体的安全建模

企业风险管理涉及整个企业风险的识别、评估、处理和沟通过程。为了支持与这一过程相关的任务，人们提出了一些框架和建模语言，如 ArchiMate 的风险与安全叠加（RSO）。对这一工具的本体论研究将揭示其在风险和安全领域的适当性、能力和局限性。在此基础上，可以提出语言的重新设计作为改进。针对以价值与风险共同本体为基础的《风险与安全标准》的风险要素，已经进行了此类分析和重新设计。下一步的研究方向是解决以下研究问题：对《条例》中与安全相关的要素进行本体分析的结果会是什么？也就是说，我们能否通过本体分析发现《标准》中的其他语义缺陷？一旦有了这样的分析结果，我们能否据此重新设计《标准说明》的安全要素，从而制作出改进的人工制品？在此，我们借助安全工程参考本体（ROSE）及其背后的本体论预防理论，通过对《标准说明》中与安全相关的构造进行本体论分析，来弥补尚存的不足。评估的结果是对 ArchiMate 语言的安全建模进行了基于本体的重新设计。简而言之，我们报告了以下贡献：(1) 对《RSO》进行了本体分析，确定了有关安全建模的六个局限性；(2) 由于预防概念在安全建模中的关键作用，在 ArchiMate 中引入了预防本体理论；(3) 对 ArchiMate 的安全元素进行了有理有据的重新设计；(4) 基于本体的安全建模模式，这些模式是我们重新设计建议的逻辑结果，因为它的基础是安全本体。作为一种评估形式，我们表明我们的建议可以根据 ISO 31000 描述风险处理方案。最后，除了介绍多个示例外，我们还从网络安全领域的实际应用出发进行说明。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Software and Systems Modeling 工程技术-计算机：软件工程

CiteScore

6.00

自引率

20.00%

发文量

104

审稿时长

>12 weeks

期刊介绍： We invite authors to submit papers that discuss and analyze research challenges and experiences pertaining to software and system modeling languages, techniques, tools, practices and other facets. The following are some of the topic areas that are of special interest, but the journal publishes on a wide range of software and systems modeling concerns: Domain-specific models and modeling standards; Model-based testing techniques; Model-based simulation techniques; Formal syntax and semantics of modeling languages such as the UML; Rigorous model-based analysis; Model composition, refinement and transformation; Software Language Engineering; Modeling Languages in Science and Engineering; Language Adaptation and Composition; Metamodeling techniques; Measuring quality of models and languages; Ontological approaches to model engineering; Generating test and code artifacts from models; Model synthesis; Methodology; Model development tool environments; Modeling Cyberphysical Systems; Data intensive modeling; Derivation of explicit models from data; Case studies and experience reports with significant modeling lessons learned; Comparative analyses of modeling languages and techniques; Scientific assessment of modeling practices