Specifying and Verifying Meta-Security by Means of Semantic Web Methods

Borrego-Díaz, Joaquín; Chávez-González, Antonia M.; Pro-Martín, José Luis; Matos-Arana, Virginia

doi:10.1007/978-3-319-07995-0_35

Joaquín Borrego-Díaz¹²,
Antonia M. Chávez-González¹²,
José Luis Pro-Martín¹³ &
…
Virginia Matos-Arana¹²

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 299))

1647 Accesses

Abstract

In order to achieve a systematic treatment of security protocols, organizations release a number of technical briefings for describing how security incidents have to be managed. These documents can suffer semantic deficiencies, mainly due to ambiguity or different granularity levels of description and analysis. Ontological Engineering (OE) is a powerful instrument that can be applied for both, cleaning methods and knowledge in incident protocols, and specifying (meta)security requirements on protocols for solving security incidents. We also show how the ontology built from security reports can be used as the knowledge core for semantic systems in order to work with resolution incidents in a safe way. The method has been illustrated with a case study.

Partially supported by Excellence project TIC-6064 of Junta de Andalucía, co-financed with FEDER founds.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic

¥17,985 /Month

Get 10 units per month
Download Article/Chapter or eBook
1 Unit = 1 Article or 1 Chapter
Cancel anytime

Buy Now

Chapter: JPY 3498; Price includes VAT (Japan)

eBook: JPY 22879; Price includes VAT (Japan)

Softcover Book: JPY 28599; Price includes VAT (Japan)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Towards an Ontology of Security Assessment: A Core Model Proposal

What are Information Security Ontologies Useful for?

How FAIR are Security Core Ontologies? A Systematic Mapping Study

References

Aranda-Corral, G.A., Borrego-Díaz, J.: Mereotopological Analysis of Formal Concepts in Security Ontologies. In: Herrero, Á., Corchado, E., Redondo, C., Alonso, Á. (eds.) Computational Intelligence in Security for Information Systems 2010. AISC, vol. 85, pp. 33–40. Springer, Heidelberg (2010)
Chapter Google Scholar
Blanco, C., Lasheras, J., Valencia, R., Fernández, E., Toval, A., Piattini, M.: A Systematic Review and Comparison of Security Ontologies. In: Proc. 3rd. Int. Conf. on Availability, Reliability and Security, pp. 813–820. IEEE Computer Society (2008)
Google Scholar
Díaz-Vico, J., Fírvida-Pereira, D., Lozano-Merino, M.A.: Identification and reporting of security incidents for strategic operators. A basic guide for the protection of critical infrastructures. National Institute of Communication Tecnologies
Google Scholar
Díaz-Vico, J., Fírvida-Pereira, D., Lozano-Merino, M.A.: The Operator Console. A Basic Guide to Critical Infrastructure Protection. National Institute of Communication Tecnologies
Google Scholar
Fenz, S., Ekelhart, A.: Formalizing information security knowledge. In: Proc. 4th Int. Symp. on Inf. Comp. & Comm. Security, ASIACCS 2009, pp. 183–194. ACM (2009)
Google Scholar
Geers, K.: Strategic Cyber Security. NATO Cooperative Cyber Defence Centre of Excellence (2011)
Google Scholar
Herzog, A., Shahmehri, N., Duma, C.: An Ontology of Information Security. Int. J. Information Security and Privacy 1(4), 1–23 (2007)
Article Google Scholar
Herrero, A., Navarro, M., Corchado, E., Julián, V.: RT-MOVICAB-IDS: Addressing real-time intrusion detection. Future Generation Comp. Syst. 29(1), 250–261 (2013)
Article Google Scholar
Kim, W., Jeong, O.-R., Kim, C., So, J.: The dark side of the Internet: Attacks, costs and responses. Inf. Syst. 36(3), 675–705 (2011)
Article Google Scholar
Mace, J.C., Parkin, S., van Moorsel, A.: A collaborative ontology development tool for information security managers. In: Proc. 4th Symp. Comp. Human Inter. for the Management of Information Technology, 10 pages. ACM (2010)
Google Scholar
Pereira, T., Santos, H.: An Ontology Based Approach to Information Security. In: Sartori, F., Sicilia, M.Á., Manouselis, N. (eds.) MTSR 2009. CCIS, vol. 46, pp. 183–192. Springer, Heidelberg (2009)
Chapter Google Scholar
Sarmah, A., Hazarika, S.M., Sinha, S.K.: Security Pattern Lattice: A Formal Model to Organize Security Patterns. In: Proc. 19th Int. Conf. on Database and Expert Systems Application (DEXA 2008), pp. 292–296. IEEE Computer Society (2008)
Google Scholar
Sadvandi, S., Chapon, N., Piètre-Cambacédès, L.: Safety and security interdependencies in complex systems and SoS: challenges and perspectives. In: Complex Systems Design and Management, pp. 229–241. Springer, Heidelberg (2012)
Chapter Google Scholar
Smith, G.E., Watson, K.J., Baker, W.H., Pokorski, J.A.: A critical balance: Collaboration and security in the IT-enabled supply chain. Int. J. Production Research 45(11), 2595–2613 (2007)
Article Google Scholar

Download references

Author information

Authors and Affiliations

Dept. of Computer Science and Artificial Intelligence, University of Seville, Seville, Spain
Joaquín Borrego-Díaz, Antonia M. Chávez-González & Virginia Matos-Arana
Modinem S.L., Seville, Spain
José Luis Pro-Martín

Authors

Joaquín Borrego-Díaz
View author publications
You can also search for this author in PubMed Google Scholar
Antonia M. Chávez-González
View author publications
You can also search for this author in PubMed Google Scholar
José Luis Pro-Martín
View author publications
You can also search for this author in PubMed Google Scholar
Virginia Matos-Arana
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Joaquín Borrego-Díaz .

Editor information

Editors and Affiliations

DeustoTech Computing, University of Deusto, Bilbao, Spain
José Gaviria de la Puerta
DeustoTech Computing, University of Deusto, Bilbao, Spain
Iván García Ferreira
DeustoTech Computing, University of Deusto, Bilbao, Spain
Pablo Garcia Bringas
German Workforce ADL Partnership Laboratory, Waltershausen, Germany
Fanny Klett
Scientific Network for Innovation and Research Excellence, Machine Intelligence Research Labs (MIR Labs), Washington, USA
Ajith Abraham
Department of Computer Science, University of Sao Paulo at Sao Carlos, Sao Carlos, Brazil
André C.P.L.F. de Carvalho
Department of Civil Engineering Escuela Politénica Superior, University of Burgos, Burgos, Spain
Álvaro Herrero
Department of Civil Engineering Escuela Politénica Superior, University of Burgos, Burgos, Spain
Bruno Baruque
Departamento de Enxeñeria Industrial, Escuela Universitaria Politécnica, University of Salamanca, Salamanca, Spain and University of Coruña, La Coruña, Spain
Héctor Quintián
University of Salamanca, Salamanca, Spain
Emilio Corchado

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Borrego-Díaz, J., Chávez-González, A.M., Pro-Martín, J.L., Matos-Arana, V. (2014). Specifying and Verifying Meta-Security by Means of Semantic Web Methods. In: de la Puerta, J., et al. International Joint Conference SOCO’14-CISIS’14-ICEUTE’14. Advances in Intelligent Systems and Computing, vol 299. Springer, Cham. https://doi.org/10.1007/978-3-319-07995-0_35

Download citation

DOI: https://doi.org/10.1007/978-3-319-07995-0_35
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-07994-3
Online ISBN: 978-3-319-07995-0
eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics