Towards an Ontological Approach to Information System Security and Safety Requirement Modeling and Reuse

Preview Buy now DOI: 10.1080/19393555.2011.652290 O. T. Arogundadea*, A. T. Akinwaleb, Z. Jinc & X. G. Y anga pages 137-149 Version of record first published: 14 May 2012 Article Views: 66 Alert me TOC email alert TOC RSS feed Citation email alert Citation RSS feed ABSTRACT Misuse cases are currently used to identify safety and security threats and subsequently capture safety and security requirements. There is limited consensus to the precise meaning of the basic terminology used for use/misuse case concepts. This paper delves into the use of ontology for the formal representation of the use-misuse case domain knowledge for eliciting safety and security requirements. We classify misuse cases into different category to reflect different type of misusers. This will allow participants during the requirement engineering stage to have a common understanding of the problem domain. We enhanced the misuse case domain to include abusive misuse case and vulnerable use case in order to boost the elicitation of safety requirements. The proposed ontological approach will allow developer to share and reuse the knowledge represented in the ontology thereby avoiding ambiguity and inconsistency in capturing safety and security requirements. OWL protégé 3.3.1 editor was used for the ontology coding. An illustration of the use of the ontology is given with examples from the health care information system. View full text Download full text Taylor & Francis Online :: Towards an Ontological Approach to Informati... http://www.tandfonline.com/doi/abs/10.1080/19393555.2011.652290