{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,29]],"date-time":"2026-05-29T08:53:27Z","timestamp":1780044807803,"version":"3.53.1"},"reference-count":42,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2016,3,11]],"date-time":"2016-03-11T00:00:00Z","timestamp":1457654400000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int. J. Autom. Comput."],"published-print":{"date-parts":[[2016,4]]},"DOI":"10.1007\/s11633-016-0950-1","type":"journal-article","created":{"date-parts":[[2016,3,11]],"date-time":"2016-03-11T04:44:09Z","timestamp":1457671449000},"page":"168-182","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":26,"title":["An ontology-based approach to security pattern selection"],"prefix":"10.1007","volume":"13","author":[{"given":"Hui","family":"Guan","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Hongji","family":"Yang","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Jun","family":"Wang","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2016,3,11]]},"reference":[{"key":"950_CR1","doi-asserted-by":"crossref","DOI":"10.1007\/b11930","volume-title":"Security Engineering with Patterns: Origins, Theoretical Models, and New Applications","author":"M. Schumacher","year":"2003","unstructured":"M. Schumacher. Security Engineering with Patterns: Origins, Theoretical Models, and New Applications, Berlin, Germany: Springer-Verlag, 2003."},{"key":"950_CR2","volume-title":"Security Patterns: Integrating Security and Systems Engineering","author":"M. Schumacher","year":"2006","unstructured":"M. Schumacher, E. Fernandez-Buglioni, D. Hybertson, F. Buschmann, P. Sommerlad. Security Patterns: Integrating Security and Systems Engineering, Chichester, UK: John Wiley & Sons, 2006."},{"issue":"1\u20132","key":"950_CR3","first-page":"46","volume":"5","author":"M. Bunke","year":"2012","unstructured":"M. Bunke, R. Koschke, K. Sohr. Organizing security patterns related to security and pattern recognition requirements. International Journal on Advances in Security, vol. 5, no. 1\u20132, pp. 46\u201367, 2012.","journal-title":"International Journal on Advances in Security"},{"key":"950_CR4","volume-title":"Design Patterns: Elements of Reusable Object-oriented Software","author":"E. Gamma","year":"1994","unstructured":"E. Gamma, R. Helm, R. Johnson, J. Vlissides. Design Patterns: Elements of Reusable Object-oriented Software, Boston, USA: Pearson Education, 1994."},{"key":"950_CR5","first-page":"3","volume-title":"Proceedings of the 3rd International Workshop on Software Engineering for Secure Systems","author":"T. Heyman","year":"2007","unstructured":"T. Heyman, K. Yskout, R. Scandariato, W. Joosen. An analysis of the security patterns landscape. In Proceedings of the 3rd International Workshop on Software Engineering for Secure Systems, IEEE Computer Society, Minneapolis, MN, pp. 3, 2007."},{"key":"950_CR6","volume-title":"Building Secure Software: How to Avoid Security Problems the Right Way","author":"J. Viega","year":"2001","unstructured":"J. Viega, G. McGraw. Building Secure Software: How to Avoid Security Problems the Right Way, Boston, USA: Addison-Wesley Professional, 2001."},{"key":"950_CR7","first-page":"13","volume-title":"IEEE Workshop on Requirements for High Assurance Systems","author":"B. H. C. Cheng","year":"2003","unstructured":"B. H. C. Cheng, S. Konrad, L. A. Campbell, R. Wassermann. Using security patterns to model and analyze security requirements. IEEE Workshop on Requirements for High Assurance Systems, pp. 13\u201322, 2003."},{"key":"950_CR8","volume-title":"Final Technical Report: Security Patterns for Web Application Development","author":"D. M. Kienzle","year":"2002","unstructured":"D. M. Kienzle, M. C. Elder. Final Technical Report: Security Patterns for Web Application Development, University of Virginia, USA, 2002."},{"key":"950_CR9","volume-title":"DARPA, Washington DC","author":"D. M. Kienzle","year":"2002","unstructured":"D. M. Kienzle, M. C. Elder, D. Tyree, J. Edwards-Hewitt. Security Patterns Repository Version 1.0. DARPA, Washington DC, 2002."},{"key":"950_CR10","volume-title":"Security Design Patterns Technical Guide\u2013Version 1","author":"B. Blakley","year":"2004","unstructured":"B. Blakley, C. Heath. Security Design Patterns Technical Guide\u2013Version 1. G031, Technical Report, the Open Group, UK, 2004."},{"key":"950_CR11","doi-asserted-by":"crossref","first-page":"132","DOI":"10.1007\/978-3-540-30191-2_11","volume":"3269","author":"S. T. Halkidis","year":"2004","unstructured":"S. T. Halkidis, A. Chatzigeorgiou, G. Stephanides. A qualitative evaluation of security patterns. In Proceedings of the 6th International Conference, Lecture Notes in Computer Science, Springer, Malaga, Spain, vol. 3269, pp. 132\u2013144, 2004.","journal-title":"Proceedings of the 6th International Conference, Lecture Notes in Computer Science"},{"key":"950_CR12","first-page":"1605","volume-title":"Proceedings of Canadian Conference on Electrical and Computer Engineering","author":"M. A. Laverdiere","year":"2006","unstructured":"M. A. Laverdiere, A. Mourad, A. Hanna, M. Debbabi. Security design patterns: survey and evaluation. In Proceedings of Canadian Conference on Electrical and Computer Engineering, IEEE, Ottawa, Canada, pp. 1605\u20131608, 2006."},{"key":"950_CR13","volume-title":"Security Patterns and Their Classification Schemes","author":"M. Hafiz","year":"2006","unstructured":"M. Hafiz, R. E. Johnson. Security Patterns and Their Classification Schemes, University of Illinois at Urbana-Champaign Department of Computer Science, Technical Report for Mcrosoft\u2019s Pattems and Practices Group, USA, 2006."},{"issue":"4","key":"950_CR14","doi-asserted-by":"crossref","first-page":"52","DOI":"10.1109\/MS.2007.114","volume":"24","author":"M. Hafiz","year":"2007","unstructured":"M. Hafiz, P. Adamczyk, R. E. Johnson. Organizing security patterns. IEEE Software, vol. 24, no. 4, pp. 52\u201360, 2007.","journal-title":"IEEE Software"},{"key":"950_CR15","first-page":"195","volume-title":"Proceedings of 3rd International Conference on Availability, Reliability and Security","author":"D. Hatebur","year":"2008","unstructured":"D. Hatebur, M. Heisel, H. Schmidt. Analysis and component-based realization of security requirements. In Proceedings of 3rd International Conference on Availability, Reliability and Security, IEEE, Barcelona, Spain, pp. 195\u2013203, 2008."},{"key":"950_CR16","first-page":"297","volume-title":"Proceedings of the 19th International Workshop on Database and Expert Systems Application","author":"P. El Khoury","year":"2008","unstructured":"P. El Khoury, A. Mokhtari, E. Coquery, M. S. Hacid. An ontological interface for software developers to select security patterns. In Proceedings of the 19th International Workshop on Database and Expert Systems Application, IEEE, Turin, Italy, pp. 297\u2013301, 2008."},{"key":"950_CR17","first-page":"129","volume-title":"Proceedings of International Symposium, Lecture Notes in Computer Science","author":"S. Montero","year":"2005","unstructured":"S. Montero, P. D\u00edaz, I. Aedo. A semantic representation for domain-specific patterns. In Proceedings of International Symposium, Lecture Notes in Computer Science, Springer, Salzburg, Austria, pp. 129\u2013140, 2005."},{"issue":"4","key":"950_CR18","doi-asserted-by":"crossref","first-page":"1","DOI":"10.4018\/jisp.2007100101","volume":"1","author":"A. Herzog","year":"2007","unstructured":"A. Herzog, N. Shahmehri, C. Duma. An ontology of information security. International Journal of Information Security and Privacy, vol. 1, no. 4, pp. 1\u201323, 2007.","journal-title":"International Journal of Information Security and Privacy"},{"key":"950_CR19","volume-title":"Principles of Information Security","author":"M. Whitman","year":"2005","unstructured":"M. Whitman, H. Mattord. Principles of Information Security (2nd Edition), Boston, USA: Course Technology, 2005.","edition":"2"},{"key":"950_CR20","doi-asserted-by":"crossref","first-page":"183","DOI":"10.1145\/1533057.1533084","volume-title":"Proceedings of the 4th International Symposium on Information, Computer, and Communications Security","author":"S. Fenz","year":"2009","unstructured":"S. Fenz, A. Ekelhart. Formalizing information security knowledge. In Proceedings of the 4th International Symposium on Information, Computer, and Communications Security, ACM, Sydney, Australia, pp. 183\u2013194, 2009."},{"issue":"2","key":"950_CR21","first-page":"119","volume":"41","author":"J. L. Velasco","year":"2009","unstructured":"J. L. Velasco, R. Valencia-Garc\u00eda, J. T. Fern\u00e1ndez-Breis, A. Toval. Modelling reusable security requirements based on an ontology framework. Journal of Research and Practice in Information Technology, vol. 41, no. 2, pp. 119\u2013133, 2009.","journal-title":"Journal of Research and Practice in Information Technology"},{"key":"950_CR22","first-page":"985","volume-title":"Proceedings of the 20th International Conference on Advanced Information Networking and Applications","author":"B. Tsoumas","year":"2006","unstructured":"B. Tsoumas, D. Gritzalis. Towards an ontology-based security management. In Proceedings of the 20th International Conference on Advanced Information Networking and Applications, IEEE, Vienna, Austria, pp. 985\u2013992, 2006."},{"key":"950_CR23","volume-title":"Proceedings of the International Seminar on Dependable Requirements Engineering of Computerised Systems at NPPs","author":"G. Dobson","year":"2006","unstructured":"G. Dobson, P. Sawyer. Revisiting ontology-based requirements engineering in the age of the semantic web. In Proceedings of the International Seminar on Dependable Requirements Engineering of Computerised Systems at NPPs, IFE, Halden, Norway, 2006."},{"issue":"1","key":"950_CR24","doi-asserted-by":"crossref","first-page":"51","DOI":"10.1016\/j.istr.2004.11.002","volume":"10","author":"G. Denker","year":"2005","unstructured":"G. Denker, L. Kagal, T. Finin. Security in the semantic web using OWL. Information Security Technical Report, vol. 10, no. 1, pp. 51\u201358, 2005.","journal-title":"Information Security Technical Report"},{"key":"950_CR25","first-page":"5","volume-title":"Proceedings of the 1st International Conference on Availability, Reliability and Security","author":"M. Karyda","year":"2006","unstructured":"M. Karyda, T. Balopoulos, S. Dritsas, L. Gymnopoulos, S. Kokolakis, C. Lambrinoudakis, S. Gritzalis. An ontology for secure e-government applications. In Proceedings of the 1st International Conference on Availability, Reliability and Security, IEEE, Vienna, Austria, pp. 5, 2006."},{"key":"950_CR26","doi-asserted-by":"crossref","first-page":"291","DOI":"10.1007\/978-3-642-22000-5_31","volume":"6682","author":"H. Guan","year":"2011","unstructured":"H. Guan, W. R. Chen, L. Liu, H. J. Yang. Environmentdriven threats elicitation for web applications. In Proceedings of the 5th KES International Conference, Lecture Notes in Computer Science, Springer, Manchester, UK, vol. 6682, pp. 291\u2013300, 2011.","journal-title":"Proceedings of the 5th KES International Conference, Lecture Notes in Computer Science"},{"issue":"1","key":"950_CR27","first-page":"54","volume":"23","author":"H. Guan","year":"2012","unstructured":"H. Guan, W. R. Chen, L. Liu, H. J. Yang. Estimating security risk for web applications using security vectors. Journal of Computers, vol. 23, no. 1, pp. 54\u201370, 2012.","journal-title":"Journal of Computers"},{"issue":"2","key":"950_CR28","first-page":"119","volume":"41","author":"J. Lasheras","year":"2009","unstructured":"J. Lasheras, R. Valencia-Garc\u00eda, J. T. Fern\u00e1ndez-Breis, A. Toval. Modelling reusable security requirements based on an ontology framework. Journal of Research and Practice in Information Technology, vol. 41, no. 2, pp. 119\u2013133, 2009.","journal-title":"Journal of Research and Practice in Information Technology"},{"key":"950_CR29","volume-title":"Code of Practice for Information Security Management","author":"ISO\/IEC 17799-272002.","year":"2005","unstructured":"ISO\/IEC 17799-272002. Code of Practice for Information Security Management, 2005."},{"key":"950_CR30","volume-title":"Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management","author":"C. Steel","year":"2005","unstructured":"C. Steel, R. Nagappan, R. Lai. Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management, Englewood Cliffs, USA: Prentice-Hall, 2005."},{"key":"950_CR31","first-page":"37","volume-title":"Proceedings of the International Conference on Artificial Intelligence and Digital Communications","author":"S. T. Halkidis","year":"2006","unstructured":"S. T. Halkidis, A. Chatzigeorgiou, G. Stephanides. A practical evaluation of security patterns. In Proceedings of the International Conference on Artificial Intelligence and Digital Communications, Thessalonikj, Greece, pp. 37\u201344, 2006."},{"key":"950_CR32","first-page":"565","volume-title":"Proceedings of International Conference on Availability, Reliability, and Security","author":"E. B. Fernandez","year":"2010","unstructured":"E. B. Fernandez, N. Yoshioka, H. Washizaki, M. VanHilst. Measuring the level of security introduced by security patterns. In Proceedings of International Conference on Availability, Reliability, and Security, IEEE, Krakow, Poland, pp. 565\u2013568, 2010."},{"key":"950_CR33","volume-title":"Proceedings of the 4th Conference on Pattern Languages of Programming","author":"J. Yoder","year":"1998","unstructured":"J. Yoder, J. Barcalow. Architectural patterns for enabling application security. In Proceedings of the 4th Conference on Pattern Languages of Programming, USA, 1998."},{"key":"950_CR34","volume-title":"Pattern-Oriented Software Architecture Volume 1: A System of Patterns","author":"F. Bushmann","year":"1996","unstructured":"F. Bushmann, R. Meunier, H. Rohnert, P. Sommerlad, M. Stal. Pattern-Oriented Software Architecture Volume 1: A System of Patterns, Chichester, UK: John Wiley & Sons, 1996."},{"issue":"2","key":"950_CR35","first-page":"87","volume":"41","author":"M. VanHilst","year":"2009","unstructured":"M. VanHilst, E. B. Fernandez, F. Braz. A multi-dimensional classification for users of security patterns. Journal of Research & Practice in Information Technology, vol. 41, no. 2, pp. 87\u201397, 2009.","journal-title":"Journal of Research & Practice in Information Technology"},{"key":"950_CR36","volume-title":"Threat Modeling","author":"F. Swiderski","year":"2004","unstructured":"F. Swiderski, W. Snyder. Threat Modeling, Redmond, USA: Microsoft Press, 2004."},{"issue":"5\u20136","key":"950_CR37","doi-asserted-by":"crossref","first-page":"907","DOI":"10.1006\/ijhc.1995.1081","volume":"43","author":"T. R. Gruber","year":"1995","unstructured":"T. R. Gruber. Toward principles for the design of ontologies used for knowledge sharing. International Journal of Human-Computer Studies, vol. 43, no. 5\u20136, pp. 907\u2013928, 1995.","journal-title":"International Journal of Human-Computer Studies"},{"issue":"3","key":"950_CR38","doi-asserted-by":"crossref","first-page":"6","DOI":"10.1109\/MSECP.2003.1203222","volume":"1","author":"M. Donner","year":"2003","unstructured":"M. Donner. Toward a security ontology. IEEE Security & Privacy, vol. 1, no. 3, pp. 6\u20137, 2003.","journal-title":"IEEE Security & Privacy"},{"key":"950_CR39","first-page":"53","volume-title":"Proceedings of the Workshop on New Security Paradigms","author":"V. Raskin","year":"2001","unstructured":"V. Raskin, C. F. Hempelmann, K. E. Triezenberg, S. Nirenburg. Ontology in information security: A useful theoretical foundation and methodological tool. In Proceedings of the Workshop on New Security Paradigms, ACM, New York, USA, pp. 53\u201359, 2001."},{"key":"950_CR40","volume-title":"Ontological Engineering","author":"A. Gomez-Perez","year":"2004","unstructured":"A. Gomez-Perez, M. Fern\u00e1ndez-L\u00f3pez, O. Corcho. Ontological Engineering, London, UK: Springer London, 2004."},{"key":"950_CR41","volume-title":"BS7799 \u2014 Code of Practice for Information Security Management","author":"BSI.","year":"1999","unstructured":"BSI. BS7799 \u2014 Code of Practice for Information Security Management, 1999."},{"key":"950_CR42","volume-title":"Improving Web Application Security: Threats and Countermeasures","author":"J. D. Meier","year":"2003","unstructured":"J. D. Meier, A. Mackman, S. Vasireddy, M. Dunner, R. Escamila, A. Murukan. Improving Web Application Security: Threats and Countermeasures, Redmond, USA: Microsoft Press, 2003."}],"container-title":["International Journal of Automation and Computing"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11633-016-0950-1.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11633-016-0950-1\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11633-016-0950-1","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,8,17]],"date-time":"2023-08-17T05:52:31Z","timestamp":1692251551000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11633-016-0950-1"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,3,11]]},"references-count":42,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2016,4]]}},"alternative-id":["950"],"URL":"https:\/\/doi.org\/10.1007\/s11633-016-0950-1","relation":{},"ISSN":["1476-8186","1751-8520"],"issn-type":[{"value":"1476-8186","type":"print"},{"value":"1751-8520","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016,3,11]]}}}