V. Casola, Rosario Catelli, Alessandra De Benedictis
{"title":"迈向基于iso的信息安全领域本体的第一步","authors":"V. Casola, Rosario Catelli, Alessandra De Benedictis","doi":"10.1109/WETICE.2019.00075","DOIUrl":null,"url":null,"abstract":"The need for Information Security Management Systems (SIEMs) has increased the effort requested to companies to improve the security level of their systems and their compliance with national and international standards. Unfortunately, the existence of several different security standards to comply with and the lack of well-defined guidelines related to documents preparation and reporting, may result into a bad security management and may cause several security issues. In this paper, we introduce a modeling approach to the definition of a SIEM that leverages a double-layered ontology: it is composed of a highlevel ontology, used to model complex relations among domains, and of a low-level, domain-specific ontology, aimed at modeling the ISO 27000 family of standards.","PeriodicalId":116875,"journal":{"name":"2019 IEEE 28th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE)","volume":"49 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-06-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":"{\"title\":\"A First Step Towards an ISO-Based Information Security Domain Ontology\",\"authors\":\"V. Casola, Rosario Catelli, Alessandra De Benedictis\",\"doi\":\"10.1109/WETICE.2019.00075\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The need for Information Security Management Systems (SIEMs) has increased the effort requested to companies to improve the security level of their systems and their compliance with national and international standards. Unfortunately, the existence of several different security standards to comply with and the lack of well-defined guidelines related to documents preparation and reporting, may result into a bad security management and may cause several security issues. In this paper, we introduce a modeling approach to the definition of a SIEM that leverages a double-layered ontology: it is composed of a highlevel ontology, used to model complex relations among domains, and of a low-level, domain-specific ontology, aimed at modeling the ISO 27000 family of standards.\",\"PeriodicalId\":116875,\"journal\":{\"name\":\"2019 IEEE 28th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE)\",\"volume\":\"49 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-06-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"3\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 IEEE 28th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/WETICE.2019.00075\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE 28th International Conference on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/WETICE.2019.00075","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A First Step Towards an ISO-Based Information Security Domain Ontology
The need for Information Security Management Systems (SIEMs) has increased the effort requested to companies to improve the security level of their systems and their compliance with national and international standards. Unfortunately, the existence of several different security standards to comply with and the lack of well-defined guidelines related to documents preparation and reporting, may result into a bad security management and may cause several security issues. In this paper, we introduce a modeling approach to the definition of a SIEM that leverages a double-layered ontology: it is composed of a highlevel ontology, used to model complex relations among domains, and of a low-level, domain-specific ontology, aimed at modeling the ISO 27000 family of standards.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
