Abstract
In Risk Management, security issues arise from complex relations among objects and agents, their capabilities and vulnerabilities, the events they are involved in, and the value and risk they entail for the stakeholders at hand. Further, there are patterns involving these relations that crosscut many domains, ranging from information security to public safety. Understanding and forming a shared conceptualization and vocabulary about these notions and their relations is fundamental for modeling the corresponding scenarios, so that proper security countermeasures can be devised. Ontologies are instruments developed to address these conceptual clarification and terminological systematization issues. Over the years, several ontologies have been proposed in Risk Management and Security Engineering. However, as shown in recent literature, they fall short in many respects, including generality and expressivity, the latter affecting their interoperability with related models. We propose a Reference Ontology for Security Engineering (ROSE) from a Risk Treatment perspective. Our proposal leverages two existing Reference Ontologies: the Common Ontology of Value and Risk and a Reference Ontology of Prevention, both of which are grounded in the Unified Foundational Ontology (UFO). ROSE is employed for modeling and analysing some cases, in particular providing clarification of the semantically overloaded notion of Security Mechanism.
Original language | English |
---|---|
Title of host publication | Conceptual Modeling |
Subtitle of host publication | 41st International Conference, ER 2022, Hyderabad, India, October 17-20, 2022, Proceedings |
Editors | Jolita Ralyté, Sharma Chakravarthy, Mukesh Mohania, Manfred A. Jeusfeld, Kamalakar Karlapalem |
Publisher | Springer Nature |
Pages | 365-379 |
Number of pages | 15 |
ISBN (Electronic) | 978-3-031-17995-2 |
ISBN (Print) | 978-3-031-17994-5 |
Publication status | Published - 10 Oct 2022 |
Event | 41st International Conference on Conceptual Modeling, ER 2022 - Virtual Event; Duration: 17 Oct 2022 → 20 Oct 2022; Conference number: 41; https://er2022web.github.io/ER2022/ |
Publication series
Name | Lecture Notes in Computer Science |
---|---|
Publisher | Springer |
Volume | 13607 |
Conference
Conference | 41st International Conference on Conceptual Modeling, ER 2022 |
---|---|
Abbreviated title | ER 2022 |
City | Virtual Event |
Period | 17/10/22 → 20/10/22 |
Keywords
- Risk management
- Security Engineering
- Ontology
- 2023 OA procedure