The Open UniversitySkip to content

An extended ontology for security requirements

Massacci, Fabio; Mylopoulos, John; Paci, Federica; Tun, Thein and Yu, Yijun (2011). An extended ontology for security requirements. In: Advanced Information Systems Engineering Workshops, pp. 622–636.

DOI (Digital Object Identifier) Link:
Google Scholar: Look up in Google Scholar


Security concerns for physical, software and virtual worlds have captured the attention of researchers and the general public, thanks to a series of dramatic events during the past decade. Unsurprisingly, this has resulted in increased research activity on topics that relate to security requirements. At the very core of this activity lies the problem of determining a suitable set of concepts (aka ontology) for modeling security requirements. Many proposals for such ontologies exist in the literature. The main objective of this paper is to amalgamate and extend the security ontologies proposed in [1] and [2]. The amalgamation includes a careful comparison of primitive concepts in Problem Frames and Secure Tropos, but also offers a novel account for rather nebulous security concepts, such as those of vulnerability and threat. The new concepts are justified and related to the literature. Moreover, the paper offers a number of security requirements adopted from industrial case studies, along with their respective representation in terms of the proposed ontology.

Item Type: Conference or Workshop Item
Copyright Holders: 2011 Springer-Verlag
ISSN: 1865-1348
Project Funding Details:
Funded Project NameProject IDFunding Body
Not SetNot SetSecureChange
Academic Unit/School: Faculty of Science, Technology, Engineering and Mathematics (STEM) > Computing and Communications
Faculty of Science, Technology, Engineering and Mathematics (STEM)
Research Group: Centre for Research in Computing (CRC)
Item ID: 29986
Depositing User: Thein Tun
Date Deposited: 09 Nov 2011 09:49
Last Modified: 07 Dec 2018 09:56
Share this page:


Altmetrics from Altmetric

Citations from Dimensions

Actions (login may be required)

Policies | Disclaimer

© The Open University   contact the OU