Ontology driven security for mobile applications

摘要

Heterogeneity and novelty of mobile applications impose new requirements, especially for security. To assist mobile applications developers to face the security challenge, we propose a knowledge base solution through the conceptualization of a security ontology. Our proposal is based on existing ontologies and adds specific feature related to the mobile field. Mainly the ontology is composed of security actors, countermeasures, vulnerabilities, attacks and additional non functional requirements. The ontology is implemented using OWL, its former target is to organize and unify the terminology in mobile security field and the latter objective is to answer queries concerning the appropriate security countermeasures that should be applied according to a given context.