A Security Ontology with MDA for Software Development

It is found that current ontologies for security often emphasize the security concerns and concepts without their involvement in each of stages of a software development process. This means that the security concerns and concepts will not be actually considered throughout the development process. This leads a lack of approaches to involving security concerns and concepts throughout the development process. In order to overcome the lack, a new security ontology for software development has been defined together with MDA that has been used in software development so that security concerns and concepts can play a role in each of stages of the development process and be included as security components in software. This paper will firstly introduce this new ontology and its semantics, then show how to use it in the development process in terms of four case studies. The results of the case studies have proven that the proposed security ontology could be useful in modeling and design of security concerns and concepts at each of stages of the development process with MDA.