
Ontology-Based Evaluation of ISO 27001

Abstract: Information security risks threaten the ability of organizations to reach their operational and strategic goals. Increasing diversification of the information security landscapes makes addressing all risks a challenging task. Information security standards have positioned themselves as generic solutions to tackle a broad range of risks and try to guide security managers in their endeavors. However, it is not evident if such standards have the required holistic approach to be a solid foundation. In this paper a metamodel of the ISO 27001 security standard explicating its core concepts is presented. We then compare the constructed metamodel with various information security ontologies and analyze for comprehensiveness. We conclude with a discussion of core concepts in the information security domain.
Document type: Conference papers

Cited literature: 32 references
Contributor: Hal Ifip
Submitted on: Monday, August 11, 2014 - 10:26:23 AM
Last modification on: Friday, August 11, 2017 - 2:59:25 PM
Long-term archiving on: Wednesday, November 26, 2014 - 9:51:44 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Danijel Milicevic, Matthias Goeken. Ontology-Based Evaluation of ISO 27001. 10th IFIP WG 6.11 Conference on e-Business, e-Services, and e-Society (I3E), Nov 2010, Buenos Aires, Argentina. pp.93-102, ⟨10.1007/978-3-642-16283-1_13⟩. ⟨hal-01055030⟩


