{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,9]],"date-time":"2025-11-09T07:52:59Z","timestamp":1762674779247,"version":"3.37.3"},"reference-count":35,"publisher":"Elsevier BV","license":[{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/tdm\/userlicense\/1.0\/"},{"start":{"date-parts":[[2025,1,1]],"date-time":"2025-01-01T00:00:00Z","timestamp":1735689600000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.elsevier.com\/legal\/tdmrep-license"},{"start":{"date-parts":[[2024,10,18]],"date-time":"2024-10-18T00:00:00Z","timestamp":1729209600000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100024370","name":"Ministero dell'Istruzione dell'Universit\u00e0 e della Ricerca","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100024370","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["elsevier.com","sciencedirect.com"],"crossmark-restriction":true},"short-container-title":["Computers & Security"],"published-print":{"date-parts":[[2025,1]]},"DOI":"10.1016\/j.cose.2024.104150","type":"journal-article","created":{"date-parts":[[2024,10,17]],"date-time":"2024-10-17T05:10:01Z","timestamp":1729141801000},"page":"104150","update-policy":"https:\/\/doi.org\/10.1016\/elsevier_cm_policy","source":"Crossref","is-referenced-by-count":2,"special_numbering":"C","title":["SecOnto: Ontological Representation of Security Directives"],"prefix":"10.1016","volume":"148","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-2215-0416","authenticated-orcid":false,"given":"Gianpietro","family":"Castiglione","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7615-8643","authenticated-orcid":false,"given":"Giampaolo","family":"Bella","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Daniele Francesco","family":"Santamaria","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"78","reference":[{"key":"10.1016\/j.cose.2024.104150_b1","series-title":"BNCAI","first-page":"1","article-title":"Towards legal compliance by correlating standards and laws with a semi-automated methodology","author":"Bartolini","year":"2016"},{"issue":"1","key":"10.1016\/j.cose.2024.104150_b2","first-page":"51","article-title":"The ontology for agents, systems and integration of services: OASIS version 2","volume":"17","author":"Bella","year":"2023","journal-title":"Intell. Artif."},{"key":"10.1016\/j.cose.2024.104150_b3","series-title":"Proceedings of the Joint Ontology Workshops 2023 Episode IX: the Quebec Summer of Ontology Co-Located with the 13th International Conference on Formal Ontology in Information Systems (FOIS 2023), Sherbrooke, Qu\u00e9bec, Canada, July 19-20, 2023","first-page":"1","article-title":"An automated method for the ontological representation of security directives","volume":"vol. 3637","author":"Bella","year":"2023"},{"key":"10.1016\/j.cose.2024.104150_b4","series-title":"Proceedings of the Joint Ontology Workshops 2023 Episode IX: the Quebec Summer of Ontology Co-Located with the 13th International Conference on Formal Ontology in Information Systems (FOIS 2023), Sherbrooke, Qu\u00e9bec, Canada, July 19-20, 2023","first-page":"1","article-title":"An ontological approach to compliance verification of the NIS 2 directive","volume":"vol. 3637","author":"Bella","year":"2023"},{"issue":"3","key":"10.1016\/j.cose.2024.104150_b5","doi-asserted-by":"crossref","first-page":"303","DOI":"10.1007\/s13218-020-00677-4","article-title":"Machine understandable policies and GDPR compliance checking","volume":"34","author":"Bonatti","year":"2020","journal-title":"KI - K\u00fcnstliche Intell."},{"issue":"3","key":"10.1016\/j.cose.2024.104150_b6","doi-asserted-by":"crossref","first-page":"281","DOI":"10.1007\/s00766-013-0190-7","article-title":"Eddy, a formal language for specifying and analyzing data flow specifications for conflicting privacy requirements","volume":"19","author":"Breaux","year":"2014","journal-title":"Requir. Eng."},{"key":"10.1016\/j.cose.2024.104150_b7","series-title":"Proceedings of the 18th International Conference on Availability, Reliability and Security","first-page":"1","article-title":"Towards grammatical tagging for the legal language of cybersecurity","author":"Castiglione","year":"2023"},{"key":"10.1016\/j.cose.2024.104150_b8","series-title":"2017 International Conference on Research and Innovation in Information Systems","first-page":"1","article-title":"An ontology based framework to support multi-standard compliance for an enterprise","author":"Cheng","year":"2017"},{"issue":"9","key":"10.1016\/j.cose.2024.104150_b9","doi-asserted-by":"crossref","first-page":"3615","DOI":"10.1007\/s10115-020-01468-x","article-title":"\u201cJust-in-time\u201d generation of datasets by considering structured representations of given consent for GDPR compliance","volume":"62","author":"Debruyne","year":"2020","journal-title":"Knowl. Inf. Syst."},{"key":"10.1016\/j.cose.2024.104150_b10","series-title":"International Web Rule Symposium","first-page":"1","article-title":"Checking compliance in European tender documents through ontologies and rules","author":"Distinto","year":"2012"},{"key":"10.1016\/j.cose.2024.104150_b11","doi-asserted-by":"crossref","first-page":"267","DOI":"10.3233\/SW-140151","article-title":"LOTED2: An ontology of European public procurement notices","volume":"7","author":"Distinto","year":"2016","journal-title":"Semant. Web"},{"key":"10.1016\/j.cose.2024.104150_b12","doi-asserted-by":"crossref","first-page":"500","DOI":"10.3390\/fi7040500","article-title":"A hierarchical multitier approach for privacy policies in e-government environments","volume":"7","author":"Drogkaris","year":"2015","journal-title":"Future Internet"},{"key":"10.1016\/j.cose.2024.104150_b13","series-title":"2018 IEEE International Conference on Big Data (Big Data)","first-page":"1266","article-title":"An integrated knowledge graph to automate GDPR and PCI DSS compliance","author":"Elluri","year":"2018"},{"key":"10.1016\/j.cose.2024.104150_b14","unstructured":"European Union, ., Types of legislation \u2014 European union \u2014 European-union.europa.eu. https:\/\/european-union.europa.eu\/institutions-law-budget\/law\/types-legislation_en."},{"year":"2016","series-title":"General data protection regulation","author":"European Union","key":"10.1016\/j.cose.2024.104150_b15"},{"year":"2019","series-title":"EU cybersecurity act","author":"European Union","key":"10.1016\/j.cose.2024.104150_b16"},{"year":"2022","series-title":"NIS 2 directive","author":"European Union","key":"10.1016\/j.cose.2024.104150_b17"},{"key":"10.1016\/j.cose.2024.104150_b18","series-title":"Proceedings of the 2010 ACM Symposium on Applied Computing","first-page":"1833","article-title":"Ontology-based generation of IT-security metrics","author":"Fenz","year":"2010"},{"issue":"5","key":"10.1016\/j.cose.2024.104150_b19","doi-asserted-by":"crossref","first-page":"551","DOI":"10.1108\/ICS-02-2018-0020","article-title":"Ontology-based information security compliance determination and control selection on the example of ISO 27002","volume":"26","author":"Fenz","year":"2018","journal-title":"Inf. Comput. Secur."},{"key":"10.1016\/j.cose.2024.104150_b20","series-title":"Proceedings of the Ontological Engineering AAAI-97 Spring Symposium Series","first-page":"1","article-title":"Methontology: From ontological art towards ontological engineering","author":"Fern\u00e1ndez-L\u00f3pez","year":"1997"},{"key":"10.1016\/j.cose.2024.104150_b21","series-title":"13th IEEE International Conference on Requirements Engineering","first-page":"167","article-title":"Modeling security requirements through ownership, permission and delegation","author":"Giorgini","year":"2005"},{"key":"10.1016\/j.cose.2024.104150_b22","series-title":"International Research School in Artificial Intelligence in Bergen","first-page":"2:1","article-title":"Reasoning in knowledge graphs","volume":"vol. 99","author":"Guimar\u00e3es","year":"2022"},{"issue":"1","key":"10.1016\/j.cose.2024.104150_b23","doi-asserted-by":"crossref","first-page":"1","DOI":"10.4018\/IJSWIS.2021010101","article-title":"CISMET","volume":"17","author":"Hasan","year":"2021","journal-title":"Int. J. Semant. Web Inf. Syst."},{"key":"10.1016\/j.cose.2024.104150_b24","series-title":"Proceedings of the 13th International Conference on Theory and Practice of Electronic Governance","first-page":"731","article-title":"Legal informatics from the aspect of interoperability: A review of systems, tools and ontologies","author":"Loutsaris","year":"2020"},{"year":"2023","series-title":"The 10 biggest cyber security trends in 2024 everyone must be ready for now","author":"Marr","key":"10.1016\/j.cose.2024.104150_b25"},{"key":"10.1016\/j.cose.2024.104150_b26","doi-asserted-by":"crossref","first-page":"185","DOI":"10.3233\/SW-170283","article-title":"PrivOnto: A semantic framework for the analysis of privacy policies","volume":"9","author":"Oltramari","year":"2018","journal-title":"Semant. Web"},{"key":"10.1016\/j.cose.2024.104150_b27","series-title":"International Conference on Legal Knowledge and Information Systems","first-page":"1","article-title":"Legal ontology for modelling GDPR concepts and norms","author":"Palmirani","year":"2018"},{"key":"10.1016\/j.cose.2024.104150_b28","series-title":"International Conference on Electronic Government and the Information Systems Perspective","first-page":"1","article-title":"PrOnto: Privacy ontology for legal reasoning","author":"Palmirani","year":"2018"},{"key":"10.1016\/j.cose.2024.104150_b29","doi-asserted-by":"crossref","first-page":"262","DOI":"10.1016\/j.procs.2018.09.026","article-title":"Queryable provenance metadata for GDPR compliance","volume":"137","author":"Pandit","year":"2018","journal-title":"Procedia Comput. Sci."},{"issue":"1926","key":"10.1016\/j.cose.2024.104150_b30","doi-asserted-by":"crossref","first-page":"4057","DOI":"10.1098\/rsta.2010.0169","article-title":"Privacy compliance and enforcement on European healthgrids: an approach through ontology","volume":"368","author":"Rahmouni","year":"2010","journal-title":"Phil. Trans. R. Soc. A"},{"key":"10.1016\/j.cose.2024.104150_b31","series-title":"SBPM","first-page":"1","article-title":"Ontology-based representation of compliance requirements for service processes","volume":"Vol. 251","author":"Schmidt","year":"2007"},{"issue":"4","key":"10.1016\/j.cose.2024.104150_b32","doi-asserted-by":"crossref","first-page":"220","DOI":"10.1016\/j.ifacol.2015.07.036","article-title":"Ontology versus database","volume":"48","author":"Sir","year":"2015","journal-title":"IFAC-PapersOnLine"},{"year":"2019","series-title":"Protege.stanford.edu","author":"Stanford Center for Biomedical Informatics Research","key":"10.1016\/j.cose.2024.104150_b33"},{"key":"10.1016\/j.cose.2024.104150_b34","series-title":"11th IEEE International Enterprise Distributed Object Computing Conference","first-page":"435","article-title":"Rules and ontology in compliance management","author":"Yip","year":"2007"},{"key":"10.1016\/j.cose.2024.104150_b35","doi-asserted-by":"crossref","DOI":"10.1016\/j.buildenv.2018.05.046","article-title":"Ontology-based framework for building environmental monitoring and compliance checking under BIM environment","volume":"141","author":"Zhong","year":"2018","journal-title":"Build. Environ."}],"container-title":["Computers & Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0167404824004553?httpAccept=text\/xml","content-type":"text\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/api.elsevier.com\/content\/article\/PII:S0167404824004553?httpAccept=text\/plain","content-type":"text\/plain","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2025,1,24]],"date-time":"2025-01-24T19:58:35Z","timestamp":1737748715000},"score":1,"resource":{"primary":{"URL":"https:\/\/linkinghub.elsevier.com\/retrieve\/pii\/S0167404824004553"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2025,1]]},"references-count":35,"alternative-id":["S0167404824004553"],"URL":"https:\/\/doi.org\/10.1016\/j.cose.2024.104150","relation":{},"ISSN":["0167-4048"],"issn-type":[{"type":"print","value":"0167-4048"}],"subject":[],"published":{"date-parts":[[2025,1]]},"assertion":[{"value":"Elsevier","name":"publisher","label":"This article is maintained by"},{"value":"SecOnto: Ontological Representation of Security Directives","name":"articletitle","label":"Article Title"},{"value":"Computers & Security","name":"journaltitle","label":"Journal Title"},{"value":"https:\/\/doi.org\/10.1016\/j.cose.2024.104150","name":"articlelink","label":"CrossRef DOI link to publisher maintained version"},{"value":"article","name":"content_type","label":"Content Type"},{"value":"\u00a9 2024 The Authors. Published by Elsevier Ltd.","name":"copyright","label":"Copyright"}],"article-number":"104150"}}