Sciweavers

ER
2009
Springer

A Modeling Ontology for Integrating Vulnerabilities into Security Requirements Conceptual Foundations

14 years 6 months ago
A Modeling Ontology for Integrating Vulnerabilities into Security Requirements Conceptual Foundations
Abstract. Vulnerabilities are weaknesses in the requirements, design, and implementation, which attackers exploit to compromise the system. This paper proposes a vulnerability-centric modeling ontology, which aims to integrate empirical knowledge of vulnerabilities into the system development process. In particular, we identify the basic concepts for modeling and analyzing vulnerabilities and their effects on the system. These concepts drive the definition of criteria that make it possible to compare and evaluate security frameworks based on vulnerabilities. We show how the proposed modeling ontology can be adopted in various conceptual modeling frameworks through examples.
Golnaz Elahi, Eric S. K. Yu, Nicola Zannone
Added 26 May 2010
Updated 26 May 2010
Type Conference
Year 2009
Where ER
Authors Golnaz Elahi, Eric S. K. Yu, Nicola Zannone
Comments (0)