Ferrucio de Franco Rosa, Luiz Antonio Lima Teixeira Junior, R. Bonacin, M. Jino
SecAOnto
International Journal of Web Portals, published 2020-07-01 (Journal Article). DOI: 10.4018/ijwp.2020070104 (https://doi.org/10.4018/ijwp.2020070104)
Security assessment is crucial to the implementation and use of secure web portals. The literature reports studies on knowledge representation models for the systems assessment and information security areas; however, there is a lack of conceptual formalization for the security assessment area. The objective of the security assessment ontology (SecAOnto) is to formalize knowledge on security assessment. It is based on ontologies, taxonomies, vocabularies, glossaries, and market guidelines. This paper presents an application of SecAOnto with the objective of identifying concepts in descriptions of security assessment items; the coverage of security characteristics is determined by using a coverage calculus algorithm. The application of SecAOnto and of the coverage calculus algorithms to the well-known standard ISO/IEC 27001 highlights its expressiveness. The proposal is useful for security experts and researchers in the context of security assessment, as well as to support web-based conceptual architectures.