Ontology-based Dynamic and Context-aware Security Assessment Automation for Critical Applications

Waqas Aman, Fazlullah Khan

نتاج البحث: Conference contribution

5 اقتباسات (Scopus)


Several assessment techniques and methodologies exist to analyze the security of an application dynamically. However, they either are focused on a particular product or are mainly concerned about the assessment process rather than the product's security confidence. Most crucially, they tend to assess the security of a target application as a standalone artifact without assessing its host infrastructure. Such attempts can undervalue the overall security posture since the infrastructure becomes crucial when it hosts a critical application. We present an ontology-based security model that aims to provide the necessary knowledge, including network settings, application configurations, testing techniques and tools, and security metrics to evaluate the security aptitude of a critical application in the context of its hosting infrastructure. The objective is to integrate the current good practices and standards in security testing and virtualization to furnish an on-demand and test-ready virtual target infrastructure to execute the critical application and to initiate a context-aware and quantifiable security assessment process in an automated manner. Furthermore, we present a security assessment architecture to reflect on how the ontology can be integrated into a standard process.

اللغة الأصليةUndefined/Unknown
عنوان منشور المضيفIEEE 8th Global Conference on Consumer Electronics, GCCE 2019, Osaka, Japan, October 15-18, 2019
عدد الصفحات4
رقم المعيار الدولي للكتب (الإلكتروني)9781728135755
المعرِّفات الرقمية للأشياء
حالة النشرPublished - 2019
الحدث8th IEEE Global Conference on Consumer Electronics, GCCE 2019 - Osaka, Japan
المدة: أكتوبر ١٥ ٢٠١٩أكتوبر ١٨ ٢٠١٩

سلسلة المنشورات

الاسم2019 IEEE 8th Global Conference on Consumer Electronics, GCCE 2019


Conference8th IEEE Global Conference on Consumer Electronics, GCCE 2019

ASJC Scopus subject areas

  • ???subjectarea.asjc.1700.1702???
  • ???subjectarea.asjc.3100.3105???
  • ???subjectarea.asjc.2200.2208???
  • ???subjectarea.asjc.1700.1705???
  • ???subjectarea.asjc.1700.1706???

قم بذكر هذا