Internet Archive Scholar

Ontology-Based Security Problem Definition and Solution for the Common Criteria Compliant Development Process

Andrzej Bialas
2009 2009 Fourth International Conference on Dependability of Computer Systems  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (594.5 kB)
https://web.archive.org/web/20170829202040/http://www.inf.furb.br/~paulofernando/downloads/ontologia-security/ontology%20common%20criteria.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL. The file type is application/pdf.

The paper shows how to apply a new ontology-based approach to the security problem definition (SPD), which is the key stage of the IT security development process compliant with the ISO/IEC 15408 Common Criteria standard. The SPD specifies threats, security policies and assumptions concerning the developed target of evaluation (TOE). On the SPD basis the security objectives (SO) are elaborated expressing the SPD problem solution, being the basis for further implementation works. The paper
more » ... ts shortly the Specification Means Ontology (SMO), the related knowledge base and their use by the IT security developers while the security problem is formulated and solved. The paper gives some examples concerning a simple firewall, summarizes the results and experiences, and defines the plans of future works.
doi:10.1109/depcos-relcomex.2009.15 dblp:conf/depcos/Bialas09 fatcat:dl5o3d732bdjrebplldqzv4fwm
Citation

Andrzej Bialas. "Ontology-Based Security Problem Definition and Solution for the Common Criteria Compliant Development Process." 2009 Fourth International Conference on Dependability of Computer Systems (2009) 3-10