Ontology-Based Metrics Computation for System Security Assurance Evaluation
Journal article, Peer reviewed
Published version
Permanent lenke
https://hdl.handle.net/11250/3052502Utgivelsesdato
2022Metadata
Vis full innførselSamlinger
Originalversjon
10.1080/19361610.2022.2157190Sammendrag
Security assurance evaluation (SAE) is a technique that helps organizations to appraise the trust and confidence that a system can be operated correctly and securely. This paper contributes to the research on quantitative SAE by proposing an ontology-based assurance metrics computation solution, which consists of (1) a quantitative SAE approach, (2) an ontology for modeling the security assurance components and metrics, and (3) a metrics calculation engine for automatically generating metrics values. The feasibility and effectiveness of the proposed ontology-based SAE approach are examined through a preliminary ontology evaluation as well as a practical application-based evaluation. Ontology-Based Metrics Computation for System Security Assurance Evaluation