Semantic web representations for reasoning about applicability and satisfiability of federal regulations for information security

Sayonnha Mandal, Robin Gandhi, Harvey Siy

Research output: Chapter in Book/Report/Conference proceeding; Conference contribution

2 Scopus citations

Abstract

In this paper, the Nomos 2 framework for modeling law-compliant solutions in software system design is applied in the context of the Federal Information Security Modernization Act (FISMA) of 2014. Information security regulatory statements with a high variability space are examined to explore the utility and limits of the Nomos 2 framework for information security regulations. Additionally, Nomos 2 concepts are modeled in a semantic web representation for reasoning about the applicability and satisfiability of FISMA regulations for information systems. The use of freely available semantic web toolsets for knowledge modeling and reasoning is demonstrated in an example scenario requiring the determination of FISMA-related authorities and functions.

Original language: English (US)
Title of host publication: 8th International Workshop on Requirements Engineering and Law, RELAW 2015 - Proceedings
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 1-9
Number of pages: 9
ISBN (Electronic): 9781509001040
State: Published - Nov 16 2015
Event: 8th International Workshop on Requirements Engineering and Law, RELAW 2015 - Ottawa, Canada
Duration: Aug 25 2015 → …

Publication series

Name: 8th International Workshop on Requirements Engineering and Law, RELAW 2015 - Proceedings

Other

Other: 8th International Workshop on Requirements Engineering and Law, RELAW 2015
Country: Canada
City: Ottawa
Period: 8/25/15 → …

Keywords

  • FISMA
  • Nomos 2
  • OWL
  • SWRL
  • applicability
  • automated reasoning
  • formal model
  • information security
  • law variability
  • satisfiability
  • semantic web

ASJC Scopus subject areas

  • Law
  • Electrical and Electronic Engineering
  • Software
