Towards an Ontological Approach to Information System Security and Safety Requirement Modeling and Reuse

Information Security Journal

Volumn 21, Issue 3, 2012, Pages 137-149

  Arogundade, O T ^a   Akinwale, A T ^b   Jin, Z ^c   Yang, X G ^a  

^a CHINESE ACADEMY OF SCIENCES   (China)

^b FEDERAL UNIVERSITY OF AGRICULTURE   (Nigeria)

^c PEKING UNIVERSITY   (China)

Author keywords

ontology; requirement management; reuse; safety; security; sharing; use misuse case

Indexed keywords

DOMAIN KNOWLEDGE; FORMAL REPRESENTATIONS; HEALTH CARE INFORMATION SYSTEM; INFORMATION SYSTEM SECURITY; MISUSE CASE; ONTOLOGICAL APPROACH; PROBLEM DOMAIN; REQUIREMENT ENGINEERING; REQUIREMENT MANAGEMENT; REUSE; SAFETY REQUIREMENTS; SECURITY; SECURITY REQUIREMENTS; SECURITY THREATS; SHARING;

ACCIDENT PREVENTION; INFORMATION SYSTEMS; KNOWLEDGE REPRESENTATION; ONTOLOGY;

SECURITY SYSTEMS;

EID: 84862174649     PISSN: 19393555     EISSN: 19393547     Source Type: Journal    
DOI: 10.1080/19393555.2011.652290     Document Type: Article

References (23)

1. Alexander, I. F. 2003. Misuse cases, use cases with hostile intent. IEEE Software, 20(1): 58-66.
2. Alexander, I. F. and Maiden, N. 2004. Scenarios, stories, use cases: Through the systems development life-cycle, New York, NY: John Wiley and Sons.
3. Beuster, G. (2002). Ontologies talk given at Czech Academy of Sciences. http://www.uni-koblenz.de/~gb/papers/2002_intro_talk_ontology_bang/agent_technologies.pdf.
4. Boaden, R. and Joyce, P. 2006. Developing the electronic health record: What about patient safety?. Health Services Management Research, 19: 94-104.
5. Brank, J., Grobelnik, M. and Mladenic, D. 2005. "A survey of ontology evaluation techniques". In Proceedings of the Conference on Data Mining and Data Warehouses (SiKDD2005), Ljubljana: Slovenia.
6. Cheng, B. H. and Atlee, J. M. June 4 2007. Research directions in requirements engineering, Future of Software Engineering (FOSE), June 4, Minneapolis, MN: ICSE, IEEE Computer Society. 2007
7. Dardenne, A., van Lamsweerde, A., and Fickas, S. 1993. Goal-directed requirements acquisition. Science of Computer Programming, 20(1-2): 3-50.
8. Dobson, G. and Sawyer, P. 2006. Revisiting ontology-based requirements engineering in the age of the semantic Web, Halden, MN: International Seminar on Dependable Requirements Engineering of Computerized Systems at NPPs, Institute for Energy Technology (IFE).
9. Dubois, P. 1995. The Albert II language: On the design and the use of a formal specification language for requirements analysis. (Unpublished doctoral dissertation), Belgique: University of Namur.
10. Greenspan, S. 1984. A knowledge representation approach to requirements definition. (Unpublished doctoral dissertation), Canada: University of Toronto.
11. Gruber, T. R. 1993. A translation approach to portable ontology specification. Knowledge Acquisition, 5: 199-220.
12. Gruber, T. R. 1995. Towards principles for the design of ontologies used for knowledge sharing. International Journal of Human and Computer Studies, 43(5/6): 907-928.
13. Karyda, M., Balopoulos, T., Gymnopoulos, L., Kokolakis, S., Lambrinoudakis, C., Gritzalis, S. and Dritsas, S. April 20-22 2006. "An ontology for secure e-government applications". In Proceedings of the First International Conference on Availability, Reliability and Security, April 20-22, Vienna, Austio: Vienna University of Technology.
14. Lasheras, J., Valencia-García, R., Fernández-Breis, J. T. and Toral, A. 2009. Modeling reusable security requirements based on an ontology framework. Journal of Research and Practice in Information Technology, 41(2): 119-133.
15. Lin, J., Fox, M. S. and Bilgic, T. 1996. A requirement ontology for engineering design. Concurrent Engineering: Research and Applications, 4(4): 279-291.
16. Mayank, V., Kositsyna, N. and Austin, M. 2004. Requirements engineering and the semantic Web, Part II. Representation, management, and validation of requirements and system-level architectures (Technical Report. TR 2004-14), College Park, MD: University of Maryland.
17. Mylopoulos, J., Borgida, A., Jarve, M. and Koubarakis, M. 1990. Telos: Representing knowledge about information systems. ACM Transactions on Information Systems, 8: 325-362.
18. Noy, N. F., & McGuiness, D. L. (2001, March). Ontology development 101: A guide to creating your first ontology. http://wwwksl.stanford.edu/people/dlm/papers/ontology-tutorial-noymcguinness-abstract.html.
19. Protege Ontology Editor and Knowledge Acquisition System. (2004). Stanford University. http://protege.stanford.edu/.
20. Rostad, L. 2006. "An extended misuse case notation: Including vulnerabilities and the insider threats". In Proceedings of Requirements Engineering: Foundation for Software Quality (REFSQ'06), 33-43. Luxembourg: Essener Informatik Beitrage.
21. Vorobiev, A., Han, J. and Bekmamedova, N. 2008. An ontology framework for managing security attacks and defenses in component-based software systems, Australia: Paper presented at the Software Engineering Conference ASWEC 2008, March 25-28, Perth.
22. Witmer, G. (2004). Dictionary of philosophy of mind - ontology. http://www.artsci.wustl.edu/~philos/MindDict/ontology.html.
23. Yu, E. and Mylopoulos, J. 1994. Using goals, rules, and methods to support reasoning in business process reengineering. Proceedings of the 27th International Conference on System Sciences 243-243. Maui, Hawaii