
Managing Software Security Knowledge in Context: An Ontology Based Approach

Faculty of Information Technology and Electrical Engineering, Norwegian University of Science and Technology, Gjøvik 2815, Norway
Information 2019, 10(6), 216; https://doi.org/10.3390/info10060216
Received: 29 May 2019 / Revised: 16 June 2019 / Accepted: 18 June 2019 / Published: 20 June 2019
(This article belongs to the Section Information Systems)

Abstract

Knowledge of software security is highly complex since it is quite context-specific and can be applied in diverse ways. To secure software development, software developers require not only knowledge about general security concepts but also about the context for which the software is being developed. With traditional security-centric knowledge formats, it is difficult for developers or knowledge users to retrieve the security information they require based on the requirements of software products and development technologies. For security knowledge to be operationalized effectively and become an essential part of practical software development, we argue that it must first incorporate features that specify which contextual characteristics are to be handled, and that it must be represented in a format that is understandable and acceptable to individuals. This study introduces a novel ontology approach for modeling security knowledge with a context-based approach, by which security knowledge can be retrieved, taking the context of the software application at hand into consideration. In this paper, we present our security ontology with the design concepts and the corresponding evaluation process.
Keywords: software security; knowledge management; security ontology; context-based

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited (CC BY 4.0).

Wen, S.-F.; Katt, B. Managing Software Security Knowledge in Context: An Ontology Based Approach. Information 2019, 10, 216.
