Skip to main content
SpringerLink
Log in

Specifying and Verifying Meta-Security by Means of Semantic Web Methods

  • Conference paper
International Joint Conference SOCO’14-CISIS’14-ICEUTE’14

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 299))

Abstract

In order to achieve a systematic treatment of security protocols, organizations release a number of technical briefings for describing how security incidents have to be managed. These documents can suffer semantic deficiencies, mainly due to ambiguity or different granularity levels of description and analysis. Ontological Engineering (OE) is a powerful instrument that can be applied for both, cleaning methods and knowledge in incident protocols, and specifying (meta)security requirements on protocols for solving security incidents. We also show how the ontology built from security reports can be used as the knowledge core for semantic systems in order to work with resolution incidents in a safe way. The method has been illustrated with a case study.

Partially supported by Excellence project TIC-6064 of Junta de Andalucía, co-financed with FEDER founds.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Aranda-Corral, G.A., Borrego-Díaz, J.: Mereotopological Analysis of Formal Concepts in Security Ontologies. In: Herrero, Á., Corchado, E., Redondo, C., Alonso, Á. (eds.) Computational Intelligence in Security for Information Systems 2010. AISC, vol. 85, pp. 33–40. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  2. Blanco, C., Lasheras, J., Valencia, R., Fernández, E., Toval, A., Piattini, M.: A Systematic Review and Comparison of Security Ontologies. In: Proc. 3rd. Int. Conf. on Availability, Reliability and Security, pp. 813–820. IEEE Computer Society (2008)

    Google Scholar 

  3. Díaz-Vico, J., Fírvida-Pereira, D., Lozano-Merino, M.A.: Identification and reporting of security incidents for strategic operators. A basic guide for the protection of critical infrastructures. National Institute of Communication Tecnologies

    Google Scholar 

  4. Díaz-Vico, J., Fírvida-Pereira, D., Lozano-Merino, M.A.: The Operator Console. A Basic Guide to Critical Infrastructure Protection. National Institute of Communication Tecnologies

    Google Scholar 

  5. Fenz, S., Ekelhart, A.: Formalizing information security knowledge. In: Proc. 4th Int. Symp. on Inf. Comp. & Comm. Security, ASIACCS 2009, pp. 183–194. ACM (2009)

    Google Scholar 

  6. Geers, K.: Strategic Cyber Security. NATO Cooperative Cyber Defence Centre of Excellence (2011)

    Google Scholar 

  7. Herzog, A., Shahmehri, N., Duma, C.: An Ontology of Information Security. Int. J. Information Security and Privacy 1(4), 1–23 (2007)

    Article  Google Scholar 

  8. Herrero, A., Navarro, M., Corchado, E., Julián, V.: RT-MOVICAB-IDS: Addressing real-time intrusion detection. Future Generation Comp. Syst. 29(1), 250–261 (2013)

    Article  Google Scholar 

  9. Kim, W., Jeong, O.-R., Kim, C., So, J.: The dark side of the Internet: Attacks, costs and responses. Inf. Syst. 36(3), 675–705 (2011)

    Article  Google Scholar 

  10. Mace, J.C., Parkin, S., van Moorsel, A.: A collaborative ontology development tool for information security managers. In: Proc. 4th Symp. Comp. Human Inter. for the Management of Information Technology, 10 pages. ACM (2010)

    Google Scholar 

  11. Pereira, T., Santos, H.: An Ontology Based Approach to Information Security. In: Sartori, F., Sicilia, M.Á., Manouselis, N. (eds.) MTSR 2009. CCIS, vol. 46, pp. 183–192. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  12. Sarmah, A., Hazarika, S.M., Sinha, S.K.: Security Pattern Lattice: A Formal Model to Organize Security Patterns. In: Proc. 19th Int. Conf. on Database and Expert Systems Application (DEXA 2008), pp. 292–296. IEEE Computer Society (2008)

    Google Scholar 

  13. Sadvandi, S., Chapon, N., Piètre-Cambacédès, L.: Safety and security interdependencies in complex systems and SoS: challenges and perspectives. In: Complex Systems Design and Management, pp. 229–241. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  14. Smith, G.E., Watson, K.J., Baker, W.H., Pokorski, J.A.: A critical balance: Collaboration and security in the IT-enabled supply chain. Int. J. Production Research 45(11), 2595–2613 (2007)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dept. of Computer Science and Artificial Intelligence, University of Seville, Seville, Spain

    Joaquín Borrego-Díaz, Antonia M. Chávez-González & Virginia Matos-Arana

  2. Modinem S.L., Seville, Spain

    José Luis Pro-Martín

Authors
  1. Joaquín Borrego-Díaz
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Antonia M. Chávez-González
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. José Luis Pro-Martín
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Virginia Matos-Arana
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Joaquín Borrego-Díaz .

Editor information

Editors and Affiliations

  1. DeustoTech Computing, University of Deusto, Bilbao, Spain

    José Gaviria de la Puerta

  2. DeustoTech Computing, University of Deusto, Bilbao, Spain

    Iván García Ferreira

  3. DeustoTech Computing, University of Deusto, Bilbao, Spain

    Pablo Garcia Bringas

  4. German Workforce ADL Partnership Laboratory, Waltershausen, Germany

    Fanny Klett

  5. Scientific Network for Innovation and Research Excellence, Machine Intelligence Research Labs (MIR Labs), Washington, USA

    Ajith Abraham

  6. Department of Computer Science, University of Sao Paulo at Sao Carlos, Sao Carlos, Brazil

    André C.P.L.F. de Carvalho

  7. Department of Civil Engineering Escuela Politénica Superior, University of Burgos, Burgos, Spain

    Álvaro Herrero

  8. Department of Civil Engineering Escuela Politénica Superior, University of Burgos, Burgos, Spain

    Bruno Baruque

  9. Departamento de Enxeñeria Industrial, Escuela Universitaria Politécnica, University of Salamanca, Salamanca, Spain and University of Coruña, La Coruña, Spain

    Héctor Quintián

  10. University of Salamanca, Salamanca, Spain

    Emilio Corchado

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Borrego-Díaz, J., Chávez-González, A.M., Pro-Martín, J.L., Matos-Arana, V. (2014). Specifying and Verifying Meta-Security by Means of Semantic Web Methods. In: de la Puerta, J., et al. International Joint Conference SOCO’14-CISIS’14-ICEUTE’14. Advances in Intelligent Systems and Computing, vol 299. Springer, Cham. https://doi.org/10.1007/978-3-319-07995-0_35

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-07995-0_35

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-07994-3

  • Online ISBN: 978-3-319-07995-0

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation