an ontology based approach to the formalization of
play

An Ontology-based Approach to the Formalization of Information - PowerPoint PPT Presentation

Jan 12, 2023 •404 likes •878 views

An Ontology-based Approach to the Formalization of Information Security Policies An Ontology-based Approach to the Formalization of Information Security Policies Fernando Nufel do Amaral Carlos Bazlio Geiza Maria Hamazaki da Silva

  1. An Ontology-based Approach to the Formalization of Information Security Policies An Ontology-based Approach to the Formalization of Information Security Policies Fernando Náufel do Amaral Carlos Bazílio Geiza Maria Hamazaki da Silva Alexandre Rademaker Edward Hermann Haeusler TecMF Dept. of Informatics PUC-Rio, Brazil VORTE 2006

  2. An Ontology-based Approach to the Formalization of Information Security Policies Motivation Project Anubis Participants ◮ IS Consulting Firm ⇒ Experienced at developing and implementing tools and techniques for Information Security and Risk Analysis. Strong presence in the marketplace. ◮ TecMF ⇒ Experienced at developing and using logic- and formal-semantic-based techniques, languages and frameworks. Intensional programming (TXL, XSLT, MAUDE, etc).

  3. An Ontology-based Approach to the Formalization of Information Security Policies Motivation Project Anubis Demands ◮ IS Consulting Firm ⇒ Rethink / refactor / adapt a proprietary tool for Risk Analysis and Information Security ◮ TeCMF ⇒ Develop case studies and solutions for real-world, industrial-scale problems

  4. An Ontology-based Approach to the Formalization of Information Security Policies Motivation Working Environment Working Environment Main Concepts in Information Security ◮ Standards, Control Objectives ◮ Security Policies, Actions, Security Controls ◮ The big picture

  5. An Ontology-based Approach to the Formalization of Information Security Policies Motivation Working Environment Standards ◮ Public documents in normative text ◮ Set of Control Objectives to be accomplished by the organization desiring a higher level of security ◮ State what should be achieved at a higher level of abstraction ◮ Control-based × threat-based approach to security

  6. An Ontology-based Approach to the Formalization of Information Security Policies Motivation Working Environment Security Policies ◮ The organization’s Security Policy is implemented through a set of Actions ◮ Actions should achieve the Control Objectives and protect the organization against potential threats ◮ Actions are implemented by a set of Security Controls ◮ Security Controls are low-level technical measures that can be directly observed / implemented

  7. An Ontology-based Approach to the Formalization of Information Security Policies Motivation Working Environment The Security Landscape Nowadays Threat and Risk Analysis Control Objective Control Objective + Standards (Cobit, Iso/Nist, Coso) Security Action Action Policy Directly app licable Security Control Security Control assertives

  8. An Ontology-based Approach to the Formalization of Information Security Policies Motivation The Big Picture Computer-Aided Risk Analysis Tools ◮ Implemented from an initial ◮ Represents the knowledge set of empirically defined of an expert group security controls ◮ Updated on demand ◮ Need for conformance ◮ Human-performed ◮ Computer stores data and conformance analysis performs minimal inference ◮ Designed in bottom-up ◮ Based on the needs of the fashion market

  9. An Ontology-based Approach to the Formalization of Information Security Policies Motivation The Big Picture Computer-Aided Risk Analysis Tools ◮ Implemented from an initial ◮ Represents the knowledge set of empirically defined of an expert group security controls ◮ Updated on demand ◮ Need for conformance ◮ Human-performed ◮ Computer stores data and conformance analysis performs minimal inference ◮ Designed in bottom-up ◮ Based on the needs of the fashion market

  10. An Ontology-based Approach to the Formalization of Information Security Policies Motivation The Big Picture Computer-Aided Risk Analysis Tools ◮ Implemented from an initial ◮ Represents the knowledge set of empirically defined of an expert group security controls ◮ Updated on demand ◮ Need for conformance ◮ Human-performed ◮ Computer stores data and conformance analysis performs minimal inference ◮ Designed in bottom-up ◮ Based on the needs of the fashion market

  11. An Ontology-based Approach to the Formalization of Information Security Policies Motivation The Big Picture Computer-Aided Risk Analysis Tools ◮ Implemented from an initial ◮ Represents the knowledge set of empirically defined of an expert group security controls ◮ Updated on demand ◮ Need for conformance ◮ Human-performed ◮ Computer stores data and conformance analysis performs minimal inference ◮ Designed in bottom-up ◮ Based on the needs of the fashion market

  12. An Ontology-based Approach to the Formalization of Information Security Policies Motivation The Big Picture An Ontology-based Approach to Security Policies The Role of Formal Analysis of Systems / Theories Provide techniques, tools and methodologies to work with the Principle of Falseability of Theories towards the (formal) validation of software and specifications

  13. An Ontology-based Approach to the Formalization of Information Security Policies Motivation The Big Picture An Ontology-based Approach to Security Policies Known Techniques / Tools ◮ Ad-hoc and systematic testing ◮ Simulation (including stochastic modeling) ◮ Logical and algebraic languages: theorem proving and model checking

  14. An Ontology-based Approach to the Formalization of Information Security Policies Motivation The Big Picture An Ontology-based Approach to Security Policies The Chosen Techniques / Tools ◮ Declarative knowledge + ◮ Conformance validation as an imperative feature ◮ = Logical approach with computer-aided validation cycle ◮ Description-logic-based ontology + set of tools for CAV ◮ Knowledge extraction from natural language texts (standards) ◮ Context-independent representation of utterances

  15. An Ontology-based Approach to the Formalization of Information Security Policies Motivation The Big Picture An Ontology-based Approach to Security Policies The Chosen Techniques / Tools ◮ Declarative knowledge + ◮ Conformance validation as an imperative feature ◮ = Logical approach with computer-aided validation cycle ◮ Description-logic-based ontology + set of tools for CAV ◮ Knowledge extraction from natural language texts (standards) ◮ Context-independent representation of utterances

  16. An Ontology-based Approach to the Formalization of Information Security Policies Motivation The Big Picture An Ontology-based Approach to Security Policies The Chosen Techniques / Tools ◮ Declarative knowledge + ◮ Conformance validation as an imperative feature ◮ = Logical approach with computer-aided validation cycle ◮ Description-logic-based ontology + set of tools for CAV ◮ Knowledge extraction from natural language texts (standards) ◮ Context-independent representation of utterances

  17. An Ontology-based Approach to the Formalization of Information Security Policies Motivation The Big Picture An Ontology-based Approach to Security Policies The Chosen Techniques / Tools ◮ Declarative knowledge + ◮ Conformance validation as an imperative feature ◮ = Logical approach with computer-aided validation cycle ◮ Description-logic-based ontology + set of tools for CAV ◮ Knowledge extraction from natural language texts (standards) ◮ Context-independent representation of utterances

  18. An Ontology-based Approach to the Formalization of Information Security Policies Motivation The Big Picture An Ontology-based Approach to Security Policies The Chosen Techniques / Tools ◮ Declarative knowledge + ◮ Conformance validation as an imperative feature ◮ = Logical approach with computer-aided validation cycle ◮ Description-logic-based ontology + set of tools for CAV ◮ Knowledge extraction from natural language texts (standards) ◮ Context-independent representation of utterances

  19. An Ontology-based Approach to the Formalization of Information Security Policies Motivation The Big Picture An Ontology-based Approach to Security Policies The Chosen Techniques / Tools ◮ Declarative knowledge + ◮ Conformance validation as an imperative feature ◮ = Logical approach with computer-aided validation cycle ◮ Description-logic-based ontology + set of tools for CAV ◮ Knowledge extraction from natural language texts (standards) ◮ Context-independent representation of utterances

  20. An Ontology-based Approach to the Formalization of Information Security Policies Main Goal: Computer-Aided Formulation and Validation of Security Policies

  21. An Ontology-based Approach to the Formalization of Information Security Policies Main Goal: Computer-Aided Formulation and Validation of Security Policies The Front-End

  22. An Ontology-based Approach to the Formalization of Information Security Policies Main Goal: Computer-Aided Formulation and Validation of Security Policies Looking into the ontology ◮ AdministerRemotely ⊑ AccessRemotely and NetwareServer ⊑ System are assertions in the IS taxonomy ◮ “Configuring X to achieve Y” is equivalent to “Achieving Y” is asserted in the Axioms section of the ontology: ∃ hasVerb . ( Configure ⊓ ∃ hasTheme . X ⊓ ∃ hasPurpose . Y ) ≡ ∃ hasVerb . Y

Recommend

The Combined Approach to Ontology-Based Data Access R. Kontchakov, C. Lutz, D. Toman, F.Wolter

The Combined Approach to Ontology-Based Data Access R. Kontchakov, C. Lutz, D. Toman, F.Wolter

The Combined Approach to Ontology-Based Data Access R. Kontchakov, C. Lutz, D. Toman, F.Wolter and M. Zakharyaschev Presented by Amer Mouawad University of Waterloo July 8, 2013 Ontology-Based Data Access (OBDA) Motivation: Data

280 views • 25 slides
Performance-based Ontology Matching An Effectiveness-independent Approach for Performance-gain

Performance-based Ontology Matching An Effectiveness-independent Approach for Performance-gain

PhD. Dissertation Presentation Performance-based Ontology Matching An Effectiveness-independent Approach for Performance-gain M. Bilal Amin mbilalamin@oslab.khu.ac.kr Dept. of Computer Engineering Kyung Hee University Advisor : Prof.

964 views • 60 slides
An Ontology-Based Approach for Facilitating Information Retrieval from Disparate Sources: Patent

An Ontology-Based Approach for Facilitating Information Retrieval from Disparate Sources: Patent

An Ontology-Based Approach for Facilitating Information Retrieval from Disparate Sources: Patent System as an Exemplar Kincho H. Law Professor of Civil and Environmental Engineering Engineering Informatics Group Stanford University

366 views • 34 slides
Ontology for Indian Music: An Approach for ontology learning from online music forums

Ontology for Indian Music: An Approach for ontology learning from online music forums

3 rd CompMusic Workshop, IIT Madras, Chennai Ontology for Indian Music: An Approach for ontology learning from online music forums Supervisors Joe Cheri Ross Prof. Pushpak Bhattacharyya Prof. Preeti Rao IIT Bombay 1 Objective Augment

891 views • 30 slides
Ontology-Based Operators Ontology-Based Operators for e-Business Model De- and for e-Business

Ontology-Based Operators Ontology-Based Operators for e-Business Model De- and for e-Business

Gedistribueerde Systemen 2 mei 2000 Ontology-Based Operators Ontology-Based Operators for e-Business Model De- and for e-Business Model De- and Reconstruction Reconstruction Jaap Gordijn Hans Akkermans Free University Amsterdam/Faculty of

328 views • 6 slides
Ontology-based approach for unsupervised and adaptive focused crawling Thomas HASSAN, Christophe

Ontology-based approach for unsupervised and adaptive focused crawling Thomas HASSAN, Christophe

Ontology-based approach for unsupervised and adaptive focused crawling Thomas HASSAN, Christophe CRUZ, Aurlie Bertaux thomas.hassan@u-bourgogne.fr Le2i FRE2005, CNRS, Arts et Mtiers, Univ. Bourgogne Franche-Comt Dijon, France Outline

465 views • 24 slides
OTAGen: A tunable ontology generator for benchmarking ontology-based agent collaboration F.

OTAGen: A tunable ontology generator for benchmarking ontology-based agent collaboration F.

OTAGen: A tunable ontology generator for benchmarking ontology-based agent collaboration F. Ongenae, S. Verstichel, F. De Turck, T. Dhaene, B. Dhoedt, P. Demeester, July 28, 2008 Department of Information Technology - Broadband Communication

924 views • 22 slides
YAM++ - A combination of graph matching and machine learning approach to ontology alignment task

YAM++ - A combination of graph matching and machine learning approach to ontology alignment task

YAM++ - A combination of graph matching and machine learning approach to ontology alignment task DuyHoa Ngo, Zohra Bellahsene Amir Naseri Knowledge Engineering Group 28. Januar 2013 Introduction An Ontology is a formal specification

1.46k views • 38 slides
COMPOSITIONAL APPROACH TO PROGRAM FORMALIZATION AND VERIFICATION (methodological introduction)

COMPOSITIONAL APPROACH TO PROGRAM FORMALIZATION AND VERIFICATION (methodological introduction)

COMPOSITIONAL APPROACH TO PROGRAM FORMALIZATION AND VERIFICATION (methodological introduction) Mykola (Nikolaj) S. Nikitchenko Taras Shevchenko National University of Kyiv Linz, JKU, November 08-19, 2012 1 Contents Introduction

783 views • 40 slides
a model approach Fielded Systems Panel Presentation September 2011 Model Based Approach

a model approach Fielded Systems Panel Presentation September 2011 Model Based Approach

a model approach Fielded Systems Panel Presentation September 2011 Model Based Approach Formalization of the information structures (particularly if the data structures are consistent) Optimize technical integrity for on-going

394 views • 8 slides
The Planetary Science Ontology A Case Study in an Ontology- Based Information Architecture J.

The Planetary Science Ontology A Case Study in an Ontology- Based Information Architecture J.

The Planetary Science Ontology A Case Study in an Ontology- Based Information Architecture J. Steven Hughes J. Steven Hughes 7th International Protg Conference Tuesday 6th - Friday 9th, July 2004 Washington, DC steve.hughes@jpl.nasa.gov

542 views • 20 slides
ODPReco - A Tool to Recommend Ontology Design Patterns Maleeha Arif Yasvi, Raghava Mutharaju

ODPReco - A Tool to Recommend Ontology Design Patterns Maleeha Arif Yasvi, Raghava Mutharaju

ODPReco - A Tool to Recommend Ontology Design Patterns Maleeha Arif Yasvi, Raghava Mutharaju CONTENTS Ontology Vs ODP Why use ODPs in Ontology Approach Our Dataset Ontology Analysis Machine Learning on existing

548 views • 24 slides
Ontology Ontology-based Methodology for based Methodology for Collaborative Process Definition

Ontology Ontology-based Methodology for based Methodology for Collaborative Process Definition

Ontology Ontology-based Methodology for based Methodology for Collaborative Process Definition of Collaborative Process Definition of Enterprise Networks Enterprise Networks V. Rajsiri, JP. Lorr EBM WebSourcing, Ramonville St-Agne,

533 views • 22 slides
Ontology Development 101 Natasha Noy Stanford University A large part of this tutorial is based

Ontology Development 101 Natasha Noy Stanford University A large part of this tutorial is based

Ontology Development 101 Natasha Noy Stanford University A large part of this tutorial is based on Ontology Development 101: A Guide to Creating Your First Ontology by Natalya F. Noy and Deborah L. McGuinness

997 views • 66 slides
A Formalization of Convex Polyhedra based on the Simplex Method Sminaire Francilien de

A Formalization of Convex Polyhedra based on the Simplex Method Sminaire Francilien de

A Formalization of Convex Polyhedra based on the Simplex Method Sminaire Francilien de Gomtrie Algorithmique et Combinatoire Xavier Allamigeon 1 Ricardo D. Katz 2 March 15th, 2018 1 INRIA and Ecole polytechnique 2 CIFACIS-CONICET

1.88k views • 174 slides
A Symbolic Execution-Based Approach to Model Transformation Verification using Structural

A Symbolic Execution-Based Approach to Model Transformation Verification using Structural

A Symbolic Execution-Based Approach to Model Transformation Verification using Structural Contracts Bentley James Oakes McGill University bentley.oakes@mail.mcgill.ca September 4, 2018 1 Introduction 2 Formalization of DSLTrans 3

386 views • 37 slides
Ontology-based Diagnostic Decision Support for Radiology Charles E. Kahn, Jr., MD, MS Medical

Ontology-based Diagnostic Decision Support for Radiology Charles E. Kahn, Jr., MD, MS Medical

MIE 2014 Ontology-based Diagnostic Decision Support for Radiology Charles E. Kahn, Jr., MD, MS Medical College of Wisconsin Milwaukee, Wisconsin, USA Goals Apply an ontology of disorders and associated imaging findings for differential

347 views • 23 slides
Ontology Based Information Exchange Management Ontology Based Information Exchange Management

Ontology Based Information Exchange Management Ontology Based Information Exchange Management

Ontology Based Information Exchange Management Ontology Based Information Exchange Management System for Secure Coalition Interoperability System for Secure Coalition Interoperability 21 May 2008 21 May 2008 AFCEA-GMU Critical Issues in

549 views • 32 slides
An Engine for Ontology-Based Stream Processing Theory and Implementation Christian Neuenstadt 6.

An Engine for Ontology-Based Stream Processing Theory and Implementation Christian Neuenstadt 6.

An Engine for Ontology-Based Stream Processing Theory and Implementation Christian Neuenstadt 6. Februar 2018 Lbeck Motivation STARQL Transformation Evaluation Motivation - Use Case C. Neuenstadt An Engine for Ontology-Based Stream

764 views • 30 slides
Query Answering and Rewriting in Ontology-based Data Access Riccardo Rosati DIAG, Sapienza

Query Answering and Rewriting in Ontology-based Data Access Riccardo Rosati DIAG, Sapienza

Query Answering and Rewriting in Ontology-based Data Access Riccardo Rosati DIAG, Sapienza Universit` a di Roma KR 2014, Vienna, July 20, 2014 Outline Ontology-based Query Answering (OBQA) problem, languages, example, some complexity

1.2k views • 118 slides
Comparing Ontology-based and Corpus- based Domain Annotations in WordNet. A paper by: Bernardo

Comparing Ontology-based and Corpus- based Domain Annotations in WordNet. A paper by: Bernardo

Comparing Ontology-based and Corpus- based Domain Annotations in WordNet. A paper by: Bernardo Magnini Carlo Strapparava Giovanni Pezzulo Alfio Glozzo Presented by: rabee ali alshemali Motive. Domain information is an emerging topic of

694 views • 40 slides
(More on) Islands of Tractability in Ontology-Based Data Access Carsten Lutz, University of

(More on) Islands of Tractability in Ontology-Based Data Access Carsten Lutz, University of

(More on) Islands of Tractability in Ontology-Based Data Access Carsten Lutz, University of Bremen Scientists vs. Users We need Use these simple scalability ontology languages We need WAY more expressivity OUR Then no scalability,

387 views • 28 slides
An Ontology Selection and Ranking System Based on the Analytic Hierarchy Process Adrian Groza 1 ,

An Ontology Selection and Ranking System Based on the Analytic Hierarchy Process Adrian Groza 1 ,

Project Domain AHP adaptation for Ontology Evaluation Domain Coverage System Design Experiments Conclusions An Ontology Selection and Ranking System Based on the Analytic Hierarchy Process Adrian Groza 1 , Irina Dragoste 1 , Iulia Sincai 1 ,

502 views • 33 slides
Ontology Engineering Lecture 7: Top-down (and middle-out) Ontology Development II Maria Keet

Ontology Engineering Lecture 7: Top-down (and middle-out) Ontology Development II Maria Keet

Parts Types of part-whole relations Extending the foundations Ontology Design Patterns Ontology Engineering Lecture 7: Top-down (and middle-out) Ontology Development II Maria Keet email: mkeet@cs.uct.ac.za home: http://www.meteck.org

1.03k views • 81 slides

More recommend