Ontological Mapping of Information Security Best-Practice Guidelines

نویسندگان

  • Stefan Fenz
  • Thomas Pruckner
  • Arman Manutscheri
چکیده

Due to a rapid growth in the use of electronic data processing and networking, an information security management system with a holistic and widespread view becomes more and more important for any kind of organization. The fundamental challenge for such systems is the representation and management of information security knowledge. While information security ontologies already exist, no methods have been proposed to map existing best-practice guidelines or information security standards to an existing ontology. Therefore, this paper presents a method for mapping the information security knowledge of the French EBIOS standard and the German IT Grundschutz Manual to a OWL-DL security ontology. Applying the introduced method allows to reuse existing information security knowledge bases and to map them to open and standardized data structures which can be easily reused by organizations and developers to support their existing information security management systems.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Exploring the Type of Relationship between Information Security Management and Organizational Culture (Case Study in TAM Iran Khodro Co.)

A culture conducive to information security practice is extremely important for organizations since information has to be critical assets in modern enterprises. Thus for understanding and improving the organizational behavior with regard to information security, enterprises may look into organizational culture and examine how it affects the effectiveness of implementing ISM. This study aims ...

متن کامل

Exploring the Type of Relationship between Information Security Management and Organizational Culture (Case Study in TAM Iran Khodro Co.)

A culture conducive to information security practice is extremely important for organizations since information has to be critical assets in modern enterprises. Thus for understanding and improving the organizational behavior with regard to information security, enterprises may look into organizational culture and examine how it affects the effectiveness of implementing ISM. This study aims ...

متن کامل

Ontological Mapping of Common Criteria's Security Assurance Requirements

The Common Criteria (CC) for Information Technology Security Evaluation provides comprehensive guidelines for the evaluation and certification of IT security regarding data security and data privacy. Due to the very complex and time-consuming certification process a lot of companies abstain from a CC certification. We created the CC Ontology tool, which is based on an ontological representation...

متن کامل

On Information Security Guidelines for Small/Medium Enterprises

The adoption rate of Internet-based technologies by United Kingdom (UK) Small and Medium Enterprises (SMEs) is regularly surveyed by the Department of Trade and Industry (DTI). Over several decades information security has evolved from early work such as the Bell La Padula (BLP) model toward widely disseminated Information Security Guidelines containing comprehensive and detailed advice. The ov...

متن کامل

The Revolutions of 2011-2012 in the Arabic Countries and Ontological Security of Israel

This paper seeks to examine the effect of the revolutions of 2011-2012 in the Arabic countries of the Middle East and North Africa (MENA) on Israeli regime's ontological security and its strategy of closure and deviation in the regional level. In other word, the paper tries to find the challenges the ontological security and identity of Israel is facing with after the occurrence of the awakenin...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2009