An Ontology of Information Security

International Journal of Information Security and Privacy (IJISP)

Volumn 1, Issue 4, 2007, Pages 1-23

  Herzog, Almut ^a,b   Shahmehri, Nahid ^a   Duma, Claudiu ^a,c  

^a LINKÖPING UNIVERSITY   (Sweden)

^b UNIVERSITY OF HEIDELBERG   (Germany)

^c Polytechnic University of Timisoara   (Germany)

Author keywords

computer science; information systems; is security; ontologies; software

Indexed keywords

EID: 85001799494     PISSN: 19301650     EISSN: 19301669     Source Type: Journal    
DOI: 10.4018/jisp.2007100101     Document Type: Article

References (45)

1. Álvarez, G., & Petrovic, S. (2003). A new taxonomy of Web attacks suitable for efficient encoding. Computers & Security, 22(5), 435–449.
2. Amoroso, E. (1994). Fundamentals of computer security technology. Prentice Hall.
3. Axelsson, S. (2000). Intrusion detection systems: A survey and taxonomy (Tech. Rep. No. 99–15). Department of Computer Engineering, Chalmers University of Technology.
4. Bechhofer, S., van Harmelen, F., Hendler, J., Horrocks, I., McGuinness, D. L., Patel-Schneider, P. F., & Stein, L. A. (2004). OWL Web ontology language reference. Retrieved June 28, 2007, from http://www.w3.org/TR/owl-ref/
5. Bishop, M. (2003). Computer security: Art and science. Addison-Wesley.
6. Carver, C. A., & Pooch, U. W. (2000). An intrusion response taxonomy and its role in automatic intrusion response. In Proceedings of the IEEE Workshop on Information Assurance. IEEE.
7. Chakrabarti, A., & Manimaran, G. (2002). Internet infrastructure security: A taxonomy. IEEE Internet Computing, 16(6), 13–21.
8. Chen, P.P.-S. (1976). The entity-relationship model: Toward a unified view of data. ACM Transactions on Database Systems (TODS), 1(1), 9–36.
9. Debar, H., Dacier, M., & Wespi, A. (1999). Towards a taxonomy of intrusiondetection systems. Computer Networks, 31, 805–822.
10. DeLooze, L. L. (2004). Classification of computer attack using a selforganizing map. In Proceedings of the IEEE Workshop on Information Assurance (pp. 365–369). IEEE.
11. Donner, M. (2003). Toward a security ontology. IEEE Security and Privacy, 1(3), 6–7.
12. Gruber, T. R. (1995). Toward principles for the design of ontologies used for knowledge sharing. International Journal of Human-Computer Studies, 43(5–6), 907–928.
13. Ince, D. (2001). A dictionary of the Internet. Oxford University Press.
14. Irvine, C., & Levin, T. (1999). Toward a taxonomy and costing method for security services. In Proceedings of the 15th Annual Computer Security Applications Conference (ACSAC'99) (pp. 183–188). IEEE.
15. Jutla, D. N., & Bodorik, P. (2005). Sociotechnical architecture for online privacy. IEEE Security and Privacy, 3(2), 29–39.
16. Kim, A., Luo, J., & Kang, M. (2005). Security ontology for annotating resources. In Proceedings of the On the Move to Meaningful Internet Systems: CoopIS, DOA, and ODBASE (pp. 1483–1499). Springer-Verlag. Lecture Notes in Computer Science 3761.
17. Lambrix, P. (2004). Ontologies in bioinformatics and systems biology. In W. Dubitzky & F. Azuaje (Eds.), Artificial intelligence methods and tools for systems biology (pp. 129–146). Springer-Verlag.
18. Lambrix, P., & Tan, H. (2005). A framework for aligning ontologies. In Proceedings of the 3rd Workshop on Principles and Practice of Semantic Web Reasoning (pp. 17–31). Springer-Verlag. Lecture Notes in Computer Science 3703.
19. Lambrix, P., & Tan, H. (2007). Ontology alignment and merging. In A. Burger, D. Davidson, & R. Baldock (Eds.), Anatomy ontologies for bioinformatics: Principles and practice. Springer-Verlag.
20. Lambrix, P., Tan, H., Jakoniene, V., & Strömbäck, L. (2007). Biological ontologies. In C. J. Baker & K.-H. Cheung (Eds.), Semantic Web: Revolutionizing knowledge discovery in the life sciences (pp. 85–99). Springer-Verlag.
21. Lindqvist, U., & Jonsson, E. (1997). How to systemactically classify computer security intrusions. In Proceedings of the IEEE Symposium on Security and Privacy (S&P'97) (pp. 154–163). IEEE.
22. Neches, R., Fikes, R., Finin, T. W., Gruber, T. R., Patil, R., Senator, T. E., & Swartout, W. R. (1991). Enabling technology for knowledge sharing. AI Magazine, 12(3), 36–56.
23. Nejdl, W., Olmedilla, D., Winslett, M., & Zhang, C. C. (2005). Ontologybased policy specification and management. In Proceedings of the 2nd European Semantic Web Conference (ESCW'05) (pp. 290–302). Springer-Verlag. Lecture Notes in Computer Science 3532.
24. Neumann, P. G. (1995). Computer-related risks. Addison-Wesley.
25. Noy, N., & Rector, A. (2006). Defining N-ary relations on the semantic Web. Retrieved June 28, 2007, from http://www.w3.org/TR/swbp-naryRelations/
26. Oxford University Press. (2004). A dictionary of computing (Oxford Reference Online). Author.
27. Patel-Schneider, P. F., Hayes, P., & Horrocks, I. (2004). OWL Web ontology language semantics and abstract syntax. Retrieved June 28, 2007, from http://www.w3.org/TR/ owl-absyn/
28. Powers, S. (2003). Practical RDF. O'Reilly.
29. Prud'hommeaux, E., & Seaborne, A. (2006). SPARQL query language for RDF. World Wide Web Consortium (W3C).
30. Rector, A., Drummond, N., Horridge, M., Rogers, J., Knublauch, H., Stevens, R., Wang, H., & Wroe, C. (2004). OWL pizzas: Practical experience of teaching OWL-DL: Common errors and common patterns. In Proceedings of the 14th International Conference of Engineering Knowledge in the Age of the SemanticWeb (EKAW'04) (pp. 63–81). Springer-Verlag. Lecture Notes in Computer Science 3257.
31. Schumacher, M. (2003). Security engineering with patterns: Origins, theoretical model, and new applications. Springer-Verlag. Lecture Notes in Computer Science 2754.
32. Simmonds, A., Sandilands, P., & van Ekert, L. (2004). An ontology for network security attacks. In Proceedings of the 2nd Asian Applied Computing Conference (AACC'04) (pp. 317–323). Springer-Verlag. Lecture Notes in Computer Science 3285.
33. Squicciarini, A. C., Bertino, E., Ferrari, E., & Ray, I. (2006). Achieving privacy in trust negotiations with an ontology-based approach. IEEE Transactions on Dependable and Secure Computing, 3(1), 13–30.
34. Stallings, W. (2006). Cryptography and network security: Principles and practices (4th ed.). Prentice Hall.
35. Stevens, R., Goble, C. A., & Bechhofer, S. (2000). Ontology-based knowledge representation for bioinformatics. Briefings in Bioinformatics, 1(4), 398–414.
36. Ször, P. (2005). The art of computer virus research and defense. Addison-Wesley.
37. Takahashi, Y., Abiko, T., Negishi, E., Itabashi, G., Kato, Y., Takahashi, K., & Shiratori, N. (2005). An ontology-based e-learning system for network security. Proceedings of the 19th International Conference on Advanced Information Networking and Applications (AINA'05), 1, 197–202. IEEE.
38. Tsoumas, B., Dritsas, S., & Gritzalis, D. (2005). An ontology-based approach to information systems security management. In Gorodetsky, V., Kotenko, I., & Skormin, V. (Eds.), Computer Network Security: Third International Workshop on Mathematical Methods, Models, and Architectures for Computer Network Security (MMM-ACNS'05) (pp. 151–164). Springer-Verlag. Lecture Notes in Computer Science 3685.
39. Undercoffer, J., Joshi, A., Finin, T., & Pinkston, J. (2004). Using DAML+OIL to classify intrusive behaviors. The Knowledge Engineering Review, pp. 221–241.
40. Venter, H. S., & Eloff, J. H. P. (2003). A taxonomy for information security technologies. Computers & Security, 22(4), 299–307.
41. Wang, H., & Wang, C. (2003). Taxonomy of security considerations and software quality. Communications of the ACM, 46(6), 75–78.
42. Welch, D., & Lathrop, S. (2003). Wireless security threat taxonomy. In Proceedings of the IEEE Workshop on Information Assurance (pp. 76–83). IEEE.
43. Whitman, M. E., & Mattord, H. J. (2005). Principles of information security (2nd ed.). Thomson Course Technology.
44. Wilander, J. (2005). Modeling and visualizing security properties of code using dependence graphs. In Proceedings of the 5th Conference on Software Engineering Research and Practice in Sweden (pp. 65–74). Retrieved June 28, 2007, from http: //www.idt.mdh.se/serps-05/SERPS05.pdf
45. Wilander, J., & Kamkar, M. (2003). A comparison of publicly available tools for dynamic buffer overflow prevention. In Proceedings of the 10th Network and Distributed System Security Symposium (NDSS'03) (pp. 149–162). Internet Society.