This paper examines how information security knowledge can be shared between different organizations on the basis of a web portal utilizing Web-Prote´ge´ . It can be shown that through the use of ontologies the domain of information security can be modeled and stored in a human- and a machine-readable format, enabling both human editing and automation (e.g. for risk calculations). The evaluation of the web portal has shown that the most important challenge a tool for knowledge sharing has to face is the aspect of motivating users to participate in a knowledge exchange.
Daniel Feledi, Stefan Fenz, and Lukas Lechner. Toward~web-based information security knowledge sharing. Information Security Technical Report, 17(4):199–209, May 2013. doi:10.1016/j.istr.2013.03.004.
@article{feledi_webbased_2013,
abstract = {Today IT security professionals are working hard to keep a high security standard for their information systems. In doing so, they often face similar problems, for which they have to create appropriate solutions. An exchange of knowledge between experts would be desirable in order to prevent developing always the same solutions by independent persons. Such an exchange could also lead to solutions of higher quality, as existing approaches could be advanced, instead of always reinventing the security wheel. This paper examines how information security knowledge can be shared between different organizations on the basis of a web portal utilizing Web-Prot\'eg\'e. It can be shown that through the use of ontologies the domain of information security can be modeled and stored in a human- and a machine-readable format, enabling both human editing and automation (e.g. for risk calculations). The evaluation of the web portal has shown that the most important challenge a tool for knowledge sharing has to face is the aspect of motivating users to participate in a knowledge exchange. Results from the evaluation have been used to further develop and enhance the web portal by implementing additional facilitating features. These features include a credit system, which rewards users for contributions, as well as the ability to select multiple entities, improving the system's usability.},
author = {Feledi, Daniel and Fenz, Stefan and Lechner, Lukas},
doi = {10.1016/j.istr.2013.03.004},
issn = {1363-4127},
journal = {Information Security Technical Report},
month = {May},
number = {4},
pages = {199-209},
series = {Special Issue: ARES 2012 7th International Conference on Availability, Reliability and Security},
title = {Toward~Web-Based Information Security Knowledge Sharing},
volume = {17},
year = {2013}
}