An Ontology-Based Security Risk Management Model for Information Systems

Date
2020
Publisher
Springer Heidelberg
Green Open Access
No
Publicly Funded
No
Abstract
Security risk management is a knowledge-intensive procedure that requires monitoring and capturing relevant information that can assist in making the right decision by managers. In this paper, a semantically enhanced model for security management during the information system lifetime is proposed. The model supports the continuous collection of identified threat behaviours from the intrusion detection system, filtering and analysis of the threats within a time snapshot and re-appraiser of IS security countermeasures which involves the security administrator (S-Admin), managers, IS and security management system as stakeholders. The probe agent categorizes the security threats identified by the IDS using the developed ontology-driven knowledge base, while the likelihood of threats occurring in real time was obtained using long-term frequency probability. The case-based reasoning paradigm is employed for the security solution reasoning of identified threat risk. The suggested security solutions are based on CASE base built on existing threat ontology. The re-appraiser is based on the success likelihood of potential ongoing threats. The system facilitates management decision with regard to security control selection so that they can have a maximum Return on Security Investment. The proposed Collect-Probe-Analyse-Reason-Reappraise model is illustrated using an e-banking system.
Description
Misra, Sanjay/0000-0002-3556-9331; Abayomi-Alli, Adebayo/0000-0002-3875-1606; Arogundade, Oluwasefunmi/0000-0001-9338-491X
Keywords
Security management, Threats, Risk analysis, Information system, Case-based reasoning
Fields of Science
0202 electrical engineering, electronic engineering, information engineering, 02 engineering and technology
WoS Q
Q2
Scopus Q
Q1

OpenCitations Citation Count
30
Source
Arabian Journal for Science and Engineering
Volume
45
Issue
8
Start Page
6183
End Page
6198
PlumX Metrics
Citations
CrossRef : 20
Scopus : 29
Captures
Mendeley Readers : 69
SCOPUS™ Citations
33
checked on Feb 19, 2026
Web of Science™ Citations
22
checked on Feb 19, 2026
Page Views
1
checked on Feb 19, 2026


