Vulnerabilities are weaknesses in the requirements, design, and implementation, which attackers exploit to compromise the system. This paper proposes a vulnerability-centric modeling ontology, which aims to integrate empirical knowledge of vulnerabilities into the system development process. In particular, we identify the basic concepts for modeling and analyzing vulnerabilities and their effects on the system. These concepts drive the definition of criteria that make it possible to compare and evaluate security frameworks based on vulnerabilities. We show how the proposed modeling ontology can be adopted in various conceptual modeling frameworks through examples. Financial support from Natural Science and Engineering Research Council of Ca...
Software systems have become highly distributed and complex involving independent components working...
Considering the continuous growth in the complexity of both information systems and security informa...
This paper proposes an ontology-based approach to analyzing and assessing the security posture for s...
Vulnerabilities are weaknesses in the requirements, design, and implementation, which attackers expl...
In the paper the usage of the ontological approach, description logics and logical inference to the ...
Security concerns for physical, software and virtual worlds have captured the attention of researche...
In order to reach the goals of the Information Security Automation Program (ISAP) [1], we propose an...
Prevention of exploits requires timely intelligence about the cybersecurity vulnerabilities and thre...
Abstract — As vulnerabilities keep increasing exponentially every year, the need to efficiently clas...
In Risk Management, security issues arise from complex relations among objects and agents, their cap...
Logical vulnerability is the breaking into a system by manipulating the rules of the system and secu...
AbstractAs the computer network has evolved to provide the user many services, the attacks on these ...
We first consider network security services and then review threats, vulnerabilities and failure mo...
Many security breaches occur because of exploitation of vulnerabilities within the system. Vulnerabi...
Security requirements managers aim at eliciting, reusing and keeping their sets of requirements. The...
Software systems have become highly distributed and complex involving independent components working...
Considering the continuous growth in the complexity of both information systems and security informa...
This paper proposes an ontology-based approach to analyzing and assessing the security posture for s...
Vulnerabilities are weaknesses in the requirements, design, and implementation, which attackers expl...
In the paper the usage of the ontological approach, description logics and logical inference to the ...
Security concerns for physical, software and virtual worlds have captured the attention of researche...
In order to reach the goals of the Information Security Automation Program (ISAP) [1], we propose an...
Prevention of exploits requires timely intelligence about the cybersecurity vulnerabilities and thre...
Abstract — As vulnerabilities keep increasing exponentially every year, the need to efficiently clas...
In Risk Management, security issues arise from complex relations among objects and agents, their cap...
Logical vulnerability is the breaking into a system by manipulating the rules of the system and secu...
AbstractAs the computer network has evolved to provide the user many services, the attacks on these ...
We first consider network security services and then review threats, vulnerabilities and failure mo...
Many security breaches occur because of exploitation of vulnerabilities within the system. Vulnerabi...
Security requirements managers aim at eliciting, reusing and keeping their sets of requirements. The...
Software systems have become highly distributed and complex involving independent components working...
Considering the continuous growth in the complexity of both information systems and security informa...
This paper proposes an ontology-based approach to analyzing and assessing the security posture for s...