An Ontological Approach to Security Modeling

Ítalo José da Silva Oliveira

Graduation (June 2024) in Computer Science from the Free University of Bozen-Bolzano (Unibz), Italy 🇮🇹.

Supervisors: Giancarlo Guizzardi, Enrico Franconi, Tiago Prince Sales.

Doctoral thesis examination committee: Manfred A. Jeusfeld, Raimundas Matulevičius.

This thesis contributes to the definition of general ontological foundations for security modeling, that is, conceptual modeling activities within the security domain.

Conceptual Modeling is the activity of formally describing some aspects of the physical and social world around us for purposes of understanding and communication. Conceptual models are intended to be used by humans, not machines, although they can support computational tasks, such as data model design and automated reasoning. The need for conceptual models is, therefore, a human need to understand the environment by a form of intersubjective representation (very often a diagrammatic form).

Risk Management involves complex relations among objects and agents, their capabilities and vulnerabilities, the events they are involved in, and the value and risk they pose to the stakeholders. Patterns involving these relations crosscut many domains, ranging from information security to public safety. Understanding and forming a shared conceptualization and vocabulary about these notions is fundamental for modeling the corresponding scenarios and devising security countermeasures. Ontologies are instruments developed to address these issues of conceptual clarification and terminological systematization. Although several ontologies have been proposed over the years for risk management purposes, they display many limitations concerning their generality, expressivity, adequacy, and interoperability. To bridge this gap, we investigate those patterns with the support of the Unified Foundational Ontology (UFO) and the Common Ontology of Value and Risk (COVER).

However, we immediately observe that the phenomenon of prevention is crucial to understanding and modeling the security domain. Prevention is about blocking an effect before it happens or stopping it as it unfolds. It may occur as a natural phenomenon or as a result of intentional human intervention, a key aspect of the security domain. For example, vaccines prevent the unfolding of diseases; seat belts prevent events causing serious injuries; and circuit breakers prevent the manifestation of overcurrents. Therefore, an ontological theory of prevention is necessary to build an adequate security ontology. Since the theory of events of UFO lacks a characterization of prevention, this happens to be our first challenge and contribution:

  1. An ontological theory of prevention based on UFO.
  2. This theory will ground a Reference Ontology for Security Engineering (ROSE), a proposed ontology of the security domain from a risk treatment perspective, according to ISO 31000. We report three other major contributions by applying ROSE to:
  3. Specializing it in a Phishing Attack Ontology (PHATO);
  4. Proceeding with an ontological analysis of D3FEND, an OWL cybersecurity ontology; we uncover numerous modeling mistakes and propose recommendations for improvement;
  5. Executing an ontological analysis and redesigning the security elements of ArchiMate in the context of Enterprise Risk Management.

Research Outcomes
