Semantic web representations for reasoning about applicability and satisfiability of federal regulations for information security

Sayonnha Mandal, Robin Gandhi, Harvey Pe Siy

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

2 Citations (Scopus)

Abstract

In this paper, the Nomos 2 framework for modeling law-compliant solutions in software system design is applied in the context of the Federal Information Security Modernization Act (FISMA) of 2014. Information security regulatory statements with a high variability space are examined to explore the utility and limits of the Nomos 2 framework for information security regulations. Additionally, Nomos 2 concepts are modeled in a semantic web representation for reasoning about the applicability and satisfiability of FISMA regulations for information systems. The use of freely available semantic web toolsets for knowledge modeling and reasoning is demonstrated in an example scenario requiring the determination of FISMA-related authorities and functions.

Original language: English (US)
Title of host publication: 8th International Workshop on Requirements Engineering and Law, RELAW 2015 - Proceedings
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 1-9
Number of pages: 9
ISBN (Electronic): 9781509001040
DOI: https://doi.org/10.1109/RELAW.2015.7330205
State: Published - Nov 16 2015
Event: 8th International Workshop on Requirements Engineering and Law, RELAW 2015 - Ottawa, Canada
Duration: Aug 25 2015 → …

Publication series

Name: 8th International Workshop on Requirements Engineering and Law, RELAW 2015 - Proceedings

Other

Other: 8th International Workshop on Requirements Engineering and Law, RELAW 2015
Country: Canada
City: Ottawa
Period: 8/25/15 → …

Fingerprint

Security of data
Semantic Web
semantics
regulation
Modernization
modernization
act
information system
Information systems
Systems analysis
scenario
Law
knowledge

Keywords

  • FISMA
  • Nomos 2
  • OWL
  • SWRL
  • applicability
  • automated reasoning
  • formal model
  • information security
  • law variability
  • satisfiability
  • semantic web

ASJC Scopus subject areas

  • Law
  • Electrical and Electronic Engineering
  • Software

Cite this

Mandal, S., Gandhi, R., & Siy, H. P. (2015). Semantic web representations for reasoning about applicability and satisfiability of federal regulations for information security. In 8th International Workshop on Requirements Engineering and Law, RELAW 2015 - Proceedings (pp. 1-9). [7330205] (8th International Workshop on Requirements Engineering and Law, RELAW 2015 - Proceedings). Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/RELAW.2015.7330205
