Conceptualizing Security with the Approach of Sustainability and Resilience of the Organization

Hamidzadeh, Mehrdad, Poorebrahimi, Alireza, Toloui Ashlaghi, Abbas and Motadel, Mohammad Reza. Conceptualizing Security with the Approach of Sustainability and Resilience of the Organization. Academic Librarianship and Information Research, 2024, vol. 58, n. 2, pp. 87-104. [Journal article (Paginated)]

JLIB_Volume 58_Issue 2_Pages 87-104.pdf - Published version
Available under License Creative Commons Attribution Non-commercial.


English abstract

Objective: This research adopts an approach that conceptualizes security and develops a comprehensive security model using knowledge representation technologies. It aligns with sustainability and organizational resilience within the context of the fifth industrial revolution, aiming to provide a complete overview of the conceptual components of security.

Methods: The objectives of this applied research are pursued through a conceptualization approach. To achieve this, the latest version of Protégé software was used to develop the ontology. Additionally, a life cycle process for ontology creation was designed to align with international methods and design science. Furthermore, to create a comprehensive representation, the OntoGraf tool was employed with a focus on organizational resilience.

Results: The design of a conceptual model for organizational security requirements, controls, and assets was achieved through ontology engineering using the Protégé tool. This process was based on standards, international frameworks, and the specific conditions and needs of the country. The approach aimed to establish sustainability and resilience within the organization while also creating a comprehensive representation of the conceptual components of security in organizations.

Conclusions: In today’s complex environment, smart action is essential. In a large organization like a university, acting intelligently is the most important factor in enhancing competitiveness. Security plays a crucial role across various dimensions of organizations that adopt a smart approach. The field of security is highly dynamic, with new threats constantly emerging. To address these rapidly growing threats, conceptual solutions are needed to enhance organizational security, resilience, and continuity. This research presents the conceptualization and organization of knowledge in security, as well as the creation of a platform for the development and use of common concepts.

Item type: Journal article (Paginated)
Keywords: conceptualization, organization, security, security maturity, stability, ontology
Subjects: D. Libraries as physical collections. > DZ. None of these, but in this section.
Depositing user: Maliheh Dorkhosh
Date deposited: 25 Mar 2025 06:07
Last modified: 25 Mar 2025 06:07
URI: http://hdl.handle.net/10760/46445

