Ontology Evolution in the Context of Model-Based Secure Software Engineering

  • Conference paper

Part of the book series: Lecture Notes in Business Information Processing (LNBIP, volume 385)

Abstract

Ontologies, as a means to formally specify the knowledge of a domain of interest, have made their way into information and communication technology. Most often, such knowledge is subject to continuous change, which demands consistent evolution of ontologies and dependent artifacts. In this paper, we study ontology evolution in the context of a model-based approach to engineering secure software, where ontologies are used to formalize the security context knowledge needed to build software systems that can be considered secure. In this application scenario, techniques for detecting ontology changes and determining their semantic impact face a number of challenging requirements that are not met by existing solutions. To overcome these shortcomings, we adapt a state-based approach to model differencing to OWL ontologies. Our solution is capable of detecting semantic editing patterns, which may be custom-defined using graph transformation rules, but it does not depend on information about editing processes such as persistently managed change logs. We showcase how to leverage semantic editing patterns for system model co-evolution in response to changing security context knowledge, and demonstrate the feasibility of the approach using a realistic medical information system.

Notes

  1. https://www.bsi.bund.de/EN/Topics/ITGrundschutz/itgrundschutz_node.html

  2. https://cve.mitre.org

  3. https://cwe.mitre.org

  4. https://protege.stanford.edu

  5. The effect of Session 2 is not illustrated in Fig. 2.

  6. https://www.omg.org/mof

  7. https://www.w3.org/2007/OWL/wiki/MOF-Based_Metamodel

  8. http://cwe.mitre.org/top25/

Author information

Corresponding author

Correspondence to Jens Bürger.

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Cite this paper

Bürger, J., Kehrer, T., Jürjens, J. (2020). Ontology Evolution in the Context of Model-Based Secure Software Engineering. In: Dalpiaz, F., Zdravkovic, J., Loucopoulos, P. (eds) Research Challenges in Information Science. RCIS 2020. Lecture Notes in Business Information Processing, vol 385. Springer, Cham. https://doi.org/10.1007/978-3-030-50316-1_26

  • DOI: https://doi.org/10.1007/978-3-030-50316-1_26

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-50315-4

  • Online ISBN: 978-3-030-50316-1

  • eBook Packages: Computer Science (R0)
