From Security Modelling to Run-time Security Monitoring

In this paper we take the first steps from security modelling to runtime security monitoring. Providing full support for run-time security monitoring requires that following issues are solved: security concepts has to be defined in an unambiguous way, security level has to be defined and measured, and finally, software has to adapt itself based on measurements and requirements. This paper addresses the unambiguous definition of security by examining existing security ontologies. None of the existing ontologies is able to support run-time security monitoring as such, and there is a need to combine and widen these ontologies. In addition, this paper describes our vision how run-time security management can be achieved as the wholeness.

[1]  William A. Wulf,et al.  TOWARDS A FRAMEWORK FOR SECURITY MEASUREMENT , 1997 .

[2]  Timothy W. Finin,et al.  Security for DAML Web Services: Annotation and Matchmaking , 2003, SEMWEB.

[3]  Carl E. Landwehr,et al.  Basic concepts and taxonomy of dependable and secure computing , 2004, IEEE Transactions on Dependable and Secure Computing.

[4]  Timothy W. Finin,et al.  Security in the Semantic Web using OWL , 2005, Inf. Secur. Tech. Rep..

[5]  Myong H. Kang,et al.  Security Ontology for Annotating Resources , 2005, OTM Conferences.

[6]  Dimitris Gritzalis,et al.  An Ontology-Based Approach to Information Systems Security Management , 2005, MMM-ACNS.

[7]  Mario Piattini,et al.  Towards a consistent terminology for software measurement , 2006, Inf. Softw. Technol..

[8]  Dimitris Gritzalis,et al.  Towards an Ontology-based Security Management , 2006, 20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA'06).

[9]  Paul E. Black SAMATE's Contribution to Information Assurance , 2006 .

[10]  Reijo Savola,et al.  Towards a taxonomy for information security metrics , 2007, QoP '07.

[11]  Eila Niemelä,et al.  A Taxonomy of Information Security for Service-Centric Systems , 2007, 33rd EUROMICRO Conference on Software Engineering and Advanced Applications (EUROMICRO 2007).

[12]  Habtamu Abie,et al.  Identification of Basic Measurable Security Components for a Distributed Messaging System , 2009, 2009 Third International Conference on Emerging Security Information, Systems and Technologies.

[13]  B. Gladman,et al.  Security Engineering: a Guide to Building Dependable Distributed Systems Physical Tamper Resistance 14.1 Introduction , 2022 .