https://www.mdu.se/

mdu.sePublications
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Security Ontologies: A Systematic Literature Review
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.ORCID iD: 0000-0002-7986-2214
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.ORCID iD: 0000-0003-0757-822X
Mälardalen University, School of Innovation, Design and Engineering, Embedded Systems.ORCID iD: 0000-0003-0904-3712
2022 (English)In: Lecture Notes In Computer Science: 26th International Conference on Enterprise Design, Operations, and Computing, EDOC 2022, Springer Science and Business Media Deutschland GmbH , 2022, p. 36-53Conference paper, Published paper (Refereed)
Abstract [en]

Security ontologies have been developed to facilitate the organization and management of security knowledge. A comparison and evaluation of how these ontologies relate to one another is challenging due to their structure, size, complexity, and level of expressiveness. Differences between ontologies can be found on both the ontological and linguistic levels, resulting in errors and inconsistencies (i.e., different concept hierarchies, types of concepts, definitions) when comparing and aligning them. Moreover, many concepts related to security ontologies have not been thoroughly explored and do not fully meet security standards. By using standards, we can ensure that concepts and definitions are unified and coherent. In this study, we address these deficiencies by reviewing existing security ontologies to identify core concepts and relationships. The primary objective of the systematic literature review is to identify core concepts and relationships that are used to describe security issues. We further analyse and map these core concepts and relationships to five security standards (i.e., NIST SP 800-160, NIST SP 800-30 rev.1, NIST SP 800-27 rev.A, ISO/IEC 27001 and NISTIR 8053). As a contribution, this paper provides a set of core concepts and relationships that comply with the standards mentioned above and allow for a new security ontology to be developed.

Place, publisher, year, edition, pages
Springer Science and Business Media Deutschland GmbH , 2022. p. 36-53
Series
Lecture Notes in Computer Science, ISSN 0302-9743 ; 13585 LNCS
Keywords [en]
Concepts, Ontologies, Relationships, Security ontology, Security standards, ISO Standards, Concept, Concept hierarchies, Ontology's, Organization and management, Relationship, Security ontologies, Size complexity, Structure sizes, Systematic literature review, Ontology
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:mdh:diva-60551DOI: 10.1007/978-3-031-17604-3_3ISI: 000893215100003Scopus ID: 2-s2.0-85140464807ISBN: 9783031176036 (print)OAI: oai:DiVA.org:mdh-60551DiVA, id: diva2:1708201
Conference
26th International Conference on Enterprise Design, Operations, and Computing, EDOC 2022, Bozen-Bolzano, Italy, 3-7 October, 2022
Available from: 2022-11-03 Created: 2022-11-03 Last updated: 2023-08-16Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Adach, MalinaHänninen, KajLundqvist, Kristina

Search in DiVA

By author/editor
Adach, MalinaHänninen, KajLundqvist, Kristina
By organisation
Embedded Systems
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 900 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf