Guan, H, Yang, H and Wang, J (2016) 'An ontology-based approach to security pattern selection.' International Journal of Automation and Computing, 13 (2). pp. 168-182. ISSN 1476-8186
7639.pdf - Accepted Version
All Rights Reserved.
Download (1MB) | Preview
Usually, the security requirements are addressed by abstracting the security problems arising in a specific context and providing a well proven solution to them. Security patterns incorporating proven security expertise solution to the recurring security problems have been widely accepted by the community of security engineering. The fundamental challenge for using security patterns to satisfy security requirements is the lack of defined syntax, which makes it impossible to ask meaningful questions and get semantically meaningful answers. Therefore, this paper presents an ontological approach to facilitating security knowledge mapping from security requirements to their corresponding solutions-security patterns. Ontologies have been developed usingWeb Ontology Language (OWL) and then incorporated into a security pattern search engine which enables sophisticated search and retrieval of security patterns using the proposed algorithm. Applying the introduced approach allows security novices to reuse security expertise to develop secure software system.
This work was supported by Research Project of Education department of Liaoning Province (No. L2013156), National Scholarship (No. 201208210386), and Key Industry Problem Plan of Liaoning Province (No. 2012219001).
The full text of the article is currently available at the 'Related URLs' links below.
|Keywords:||Security pattern, ontology, security requirement, risk analysis, security engineering|
|Divisions:||College of Liberal Arts|
|Date Deposited:||20 Apr 2016 16:23|
|Last Modified:||21 Mar 2017 18:28|
|Request a change to this item or report an issue|
|Update item (repository staff only)|