Abstract. In order to achieve a systematic treatment of security protocols, organizations release a number of technical briefings for describing how security incidents have to be managed. These documents can suffer semantic deficiencies, mainly due to ambiguity or different granularity levels of description and analysis. Ontological Engineering (OE) is a powerful instrument that can be applied for both, cleaning methods and knowledge in incident protocols, and specifying (meta)security requirements on protocols for solving security incidents. We also show how the ontology built from security reports can be used as the knowledge core for semantic systems in order to work with resolution incidents in a safe way. The method has been illustrated with a case study
In order to achieve a safe and systematic treatment of security protocols, organizations release a number of technical briefings describing how to detect and manage security incidents. A critical issue is that this document set may suffer from semantic deficiencies, mainly due to ambiguity or different granularity levels of description and analysis. An approach to face this problem is the use of semantic methodologies in order to provide better Knowledge Externalization from incident protocols management. In this article, we propose a method based on semantic techniques for both, analyzing and specifying (meta)security requirements on protocols used for solving security incidents. This would allow specialist getting better documentation on their intangible knowledge about them.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.