An Ontology-Based Context Model for Managing Security Knowledge in Software Development
Chapter
Published version
Permanent link
https://hdl.handle.net/11250/3079718
Publication date
2018
Original version
http://dx.doi.org/10.23919/FRUCT.2018.8588107
Abstract
Software security has been the focus of the security community and practitioners over the past decades. Much security information is widely available in books, open literature or on the internet. We argue that this huge mass of information has resulted in a form of information overload for software engineers, who usually finish reading it without being able to apply those principles clearly to their own application context. Our research tackles software security issues from a knowledge management perspective. In this paper, we present an ontology approach to model the knowledge of software security in a context-sensitive manner, helping software engineers and learners correlate security domain knowledge with their working context. We also propose a web-based application for security knowledge sharing and learning where the ontology is adopted as the central knowledge repository.