Association for Computing Machinery
Building secure systems is a difficult job for most engineers since it requires in-depth understanding of security aspects. This task, however, can be assisted by capturing security knowledge in a particular domain and reusing the knowledge when designing applications. The authors use this strategy and employ information security ontology to represent the security knowledge. The ontology is associated with system designs which are modeled in collaborative building blocks specifying the behavior of several entities. In this paper, they identify rules to be applied to the elements of collaborations in order to identify security assets present in the design.