Abstract
As companies are increasingly exposed to a variety of information security threats, they are continually forced to pay attention to security issues. Risk management provides an effective approach for measuring security through risk assessment, risk mitigation and evaluation. Existing risk management approaches are widely accepted but demand very detailed knowledge of the IT security domain and the actual company environment. We develop a security ontology which provides an ontological structure for information security domain knowledge. In addition to existing best-practice guidelines such as the German IT Grundschutz Manual, concrete knowledge of the organization under consideration can be incorporated. Based on the security ontology and Atana, we develop the AURUM prototype, which supports decision makers in selecting security measures according to technical and economic requirements.
This project is supported by grants of the Austrian Government’s FIT-IT Research Initiative on Trust in IT Systems under the contract 813701. It is conducted at the Vienna University of Technology and the research center Secure Business Austria funded by the Federal Ministry of Economy, Family and Youth of the Republic of Austria and the City of Vienna.