Towards a Semantic Web-enabled Knowledge Base to Elicit Security Requirements for Misuse Cases
Eliciting security requirements is critical but hard for non-expert to fulfill an exhaustive analysis on large body of security knowledge. Emerging models in requirements engineering (RE) society release some burden of such difficulty, as well as security ontologies are booming for knowledge sharing and reuse. There exists necessity for the synergy of them, such as utilizing security ontology (SO) as the back end of Knowledge Base (KB) for capturing security requirements by using known RE models. Research advances in the Semantic Web (SW) community provide a common framework of technologies that allows data to be shared and reused across boundaries of various application and community. This paper proposes a knowledge base which is constructed on SO and Misuse Case Model (MCM), by representing them into OWL (Web Ontology Language). Semantic rules can be derived from the correlation of SO and MCM to be utilized for reasoning and querying security knowledge via MCM-based requirements elicitation. The proposed KB coordinates SO with a specific RE model to facilitate knowledge sharing to be a foundation for eliciting security requirements automatically.
Haibo Hu Dan Yang Hong Xiang Li Fu Chunxiao Ye Ren Li
The School of Software Engineering, Huxi Campus of Chongqing University 410331, Chongqing, China College of Computer Science, Chongqing University 400030, Chongqing, China
国际会议
13th International Conference on Enterprise Information System(第13届企业信息系统国际会议 ICEIS 2011)
北京
英文
1506-1515
2011-06-08(万方平台首次上网日期,不代表论文的发表时间)