Managing Software Security Knowledge in Context: An Ontology Based Approach
AbstractKnowledge of software security is highly complex since it is quite context-specific and can be applied in diverse ways. To secure software development, software developers require not only knowledge about general security concepts but also about the context for which the software is being developed. With traditional security-centric knowledge formats, it is difficult for developers or knowledge users to retrieve their required security information based on the requirements of software products and development technologies. In order to effectively regulate the operation of security knowledge and be an essential part of practical software development practices, we argue that security knowledge must first incorporate features that specify what contextual characteristics are to be handled, and represent the security knowledge in a format that is understandable and acceptable to the individuals. This study introduces a novel ontology approach for modeling security knowledge with a context-based approach, by which security knowledge can be retrieved, taking the context of the software application at hand into consideration. In this paper, we present our security ontology with the design concepts and the corresponding evaluation process. View Full-Text
Share & Cite This Article
Wen, S.-F.; Katt, B. Managing Software Security Knowledge in Context: An Ontology Based Approach. Information 2019, 10, 216.
Wen S-F, Katt B. Managing Software Security Knowledge in Context: An Ontology Based Approach. Information. 2019; 10(6):216.Chicago/Turabian Style
Wen, Shao-Fang; Katt, Basel. 2019. "Managing Software Security Knowledge in Context: An Ontology Based Approach." Information 10, no. 6: 216.
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.