An Ontology of Security from a Risk Treatment Perspective

In 41th International Conference, ER 2022, Proceedings. Cham: Springer (forthcoming)
Download Edit this record How to cite View on PhilPapers
In Risk Management, security issues arise from complex relations among objects and agents, their capabilities and vulnerabilities, the events they are involved in, and the value and risk they ensue to the stakeholders at hand. Further, there are patterns involving these relations that crosscut many domains, ranging from information security to public safety. Understanding and forming a shared conceptualization and vocabulary about these notions and their relations is fundamental for modeling the corresponding scenarios, so that proper security countermeasures can be devised. Ontologies are instruments developed to address these conceptual clarification and terminological systematization issues. Over the years, several ontologies have been proposed in Risk Management and Security Engineering. However, as shown in recent literature, they fall short in many respects, including generality and expressivity - the latter impacting on their interoperability with related models. We propose a Reference Ontology for Security Engineering (ROSE) from a Risk Treatment perspective. Our proposal leverages on two existing Reference Ontologies: the Common Ontology of Value and Risk and a Reference Ontology of Prevention, both of which are grounded on the Unified Foundational Ontology (UFO). ROSE is employed for modeling and analysing some cases, in particular providing clarification to the semantically overloaded notion of Security Mechanism.
PhilPapers/Archive ID
Upload history
Archival date: 2022-07-04
View other versions
Added to PP

59 (#63,004)

6 months
59 (#13,037)

Historical graph of downloads since first upload
This graph includes both downloads from PhilArchive and clicks on external links on PhilPapers.
How can I increase my downloads?