A general-purpose security framework

    Student thesis: Doctoral thesis


    Computer Science has undergone major transformations throughout its short history. It started with great machines and very restricted and specialized environments and It has become in small devices that are part of society and daily life of every person. Security has been one of the areas most affected by those changes and has undergone major changes in technology also. For this reason, we think that the “traditional” definition of computer security is narrow, especially if we consider the new securities that have appeared in other areas of knowledge. Current definition comes from the 70s and security, in the twenty-first century, is conceptually, theoretically and practically something different. Therefore, the main objective of this thesis is review the concept of computer security itself in order to propose a definition together with a framework model capable to be implemented. In order to achieve it, an analysis method is proposed. The analysis method is based on conceptual methods of obtaining knowledge (knowledge acquisition) used in knowledge engineering. The conceptual model is performed using the Class Diagram (UML) as a graphical representation language. After that, apply the proposed method to a set of selected sources, in order to obtain the model. The conceptual model of the concept of security is expressed as a set of concepts and relationships among concepts. Based on the proposed model, an algebraic expression of the concept of security is drawn, and finally the model is implemented by means of a knowledge-based system using an ontology. Consequently, the study’s principal contributions are the development of a methodology of conceptual analysis and a definition of security along with its framework. The framework is expressed in algebraic manner also and is capable to be implemented using technologies such as Java, providing security metrics. The structure of the thesis is as following: In part 1, a theoretic approach to the study of security, paying attention to other disciplines not related to engineering. An historical approach of the study of the concept of security is made, having special attention to those concepts or models proposed by scholars in the field of security (not exclusively in the field of computer security). Part 2 explains the tools used to build the model. Modeling tools are used both conceptual and knowledge based ones. A method of analysis is constructed and used in the model design. In part 3 a generic model of security is proposed. The aim is to propose an integrative model that includes many of the existing securities. Additionally an algebraic formulation of the security model is made. Finally, part 4 is dedicated to apply the proposed model to a real scenario. This demonstrates that the model is operative and capable to measure the level of security.
    Date of Award6 Nov 2015
    Original languageEnglish
    SupervisorJosep Maria Basart Muñoz (Director)


    • security
    • knowledge
    • engineering and modeling
    • ontology

    Cite this