4 found
Order:
  1. Ontological Analysis and Redesign of Security Modeling in ArchiMate.Ítalo Oliveira, Tiago Prince Sales, João Paulo A. Almeida, Riccardo Baratella, Mattia Fumagalli & Giancarlo Guizzardi - 2022 - In Ítalo Oliveira, Tiago Prince Sales, João Paulo A. Almeida, Riccardo Baratella, Mattia Fumagalli & Giancarlo Guizzardi (eds.), The Practice of Enterprise Modeling - 15th IFIP WG 8.1 Working Conference, PoEM 2022. Springer. pp. 82-98.
    Enterprise Risk Management and security have become a fundamental part of Enterprise Architecture, so several frameworks and modeling languages have been designed to support the activities associated with these areas. Archi- Mate’s Risk and Security Overlay is one of such proposals, endorsed by The Open Group. We investigate the capabilities of the proposed security-related con- structs in ArchiMate with regard to the necessities of enterprise security modeling. Our analysis relies on a well-founded reference ontology of security to uncover ambiguity, missing (...)
    Download  
     
    Export citation  
     
    Bookmark   1 citation  
  2. Ontology-based security modeling in ArchiMate.Ítalo Oliveira, Tiago Prince Sales, João Paulo A. Almeida, Riccardo Baratella, Mattia Fumagalli & Giancarlo Guizzardi - forthcoming - Software and Systems Modeling.
    Enterprise Risk Management involves the process of identification, evaluation, treatment, and communication regarding risks throughout the enterprise. To support the tasks associated with this process, several frameworks and modeling languages have been proposed, such as the Risk and Security Overlay (RSO) of ArchiMate. An ontological investigation of this artifact would reveal its adequacy, capabilities, and limitations w.r.t. the domain of risk and security. Based on that, a language redesign can be proposed as a refinement. Such analysis and redesign have been (...)
    Download  
     
    Export citation  
     
    Bookmark  
  3. On the Semantics of Risk Propagation.Mattia Fumagalli, Gal Engelberg, Tiago Prince Sales, Ítalo Oliveira, Dan Klein, Pnina Soffer, Riccardo Baratella & Giancarlo Guizzardi - forthcoming - In Mattia Fumagalli, Gal Engelberg, Tiago Prince Sales, Ítalo Oliveira, Dan Klein, Pnina Soffer, Riccardo Baratella & Giancarlo Guizzardi (eds.), Research Challenges in Information Science - 16th International Conference, RCIS 2023. Springer.
    Risk propagation encompasses a plethora of techniques for analyzing how risk “spreads” in a given system. Albeit commonly used in technical literature, the very notion of risk propagation turns out to be a conceptually imprecise and overloaded one. This might also explain the multitude of modeling solutions that have been proposed in the lit- erature. Having a clear understanding of what exactly risk is, how it be quantified, and in what sense it can be propagated is fundamental for devising high-quality (...)
    Download  
     
    Export citation  
     
    Bookmark  
  4. An Ontology of Security from a Risk Treatment Perspective.Ítalo Oliveira, Tiago Prince Sales, Riccardo Baratella, Mattia Fumagalli & Giancarlo Guizzardi - 2022 - In Ítalo Oliveira, Tiago Prince Sales, Riccardo Baratella, Mattia Fumagalli & Giancarlo Guizzardi (eds.), 41th International Conference, ER 2022, Proceedings. Cham: Springer. pp. 365-379.
    In Risk Management, security issues arise from complex relations among objects and agents, their capabilities and vulnerabilities, the events they are involved in, and the value and risk they ensue to the stakeholders at hand. Further, there are patterns involving these relations that crosscut many domains, ranging from information security to public safety. Understanding and forming a shared conceptualization and vocabulary about these notions and their relations is fundamental for modeling the corresponding scenarios, so that proper security countermeasures can be (...)
    Download  
     
    Export citation  
     
    Bookmark