An Ontology for Secure Web Applications
Marianne Busch, Martin Wirsing. An Ontology for Secure Web Applications. International Journal of Software and Informatics, 2015, 9(2):233~258
Abstract: It is commonly known that most applications suffer from security holes that are sooner or later exploited. One reason is that for developers the term "security" is difficult to grasp. Many security properties exist and there are many methods to enforce them or to avoid implementing common vulnerabilities in applications. Ontologies can help to get an overview of web security and to structure this domain by relating relevant assets, methods, tools, security properties, vulnerabilities and threats (referred to as knowledge objects). In this paper, we present a novel ontology with a focus on secure web applications, called SecWAO. It is based on the Context model of SecEval, which is a domain model tailored to describe knowledge objects. By providing an overview, SecWAO supports teaching purposes and web developers when specifying security requirements or making design decisions.
Keywords: security, web security, web engineering, ontology, taxonomy, overview, UML

© Copyright by Institute of Software, the Chinese Academy of Sciences
