نوع مقاله : مقاله پژوهشی
نویسندگان
1 گروه مدیریت فناوری اطلاعات، دانشکده مدیریت و اقتصاد، واحد علوم و تحقیقات، دانشگاه آزاد اسلامی، تهران، ایران.
2 گروه مدیریت صنعتی، دانشکده مدیریت و حسابداری، واحد کرج، دانشگاه آزاد اسلامی،/ استاد مدعو، دانشکده مدیریت و اقتصاد، واحد علوم و تحقیقات، دانشگاه آزاد اسلامی، تهران، ایران.
3 گروه مدیریت فناوری اطلاعات، دانشکده مدیریت و اقتصاد، واحد علوم و تحقیقات، دانشگاه آزاد اسلامی، تهران، ایران
4 گروه مدیریت، دانشکده مدیریت، دانشگاه آزاد اسلامی،واحد تهران مرکزی، تهران، ایران
چکیده
کلیدواژهها
عنوان مقاله [English]
نویسندگان [English]
Objective: This research adopts an approach that conceptualizes security and develops a comprehensive security model using knowledge representation technologies. It aligns with sustainability and organizational resilience within the context of the fifth industrial revolution, aiming to provide a complete overview of the conceptual components of security.
Methods: The objectives of this applied research are pursued through a conceptualization approach. To achieve this, the latest version of Protégé software was used to develop the ontology. Additionally, a life cycle process for ontology creation was designed to align with international methods and design science. Furthermore, to create a comprehensive representation, the OntoGraf tool was employed with a focus on organizational resilience.
Results: The design of a conceptual model for organizational security requirements, controls, and assets was achieved through ontology engineering using the Protégé tool. This process was based on standards, international frameworks, and the specific conditions and needs of the country. The approach aimed to establish sustainability and resilience within the organization while also creating a comprehensive representation of the conceptual components of security in organizations.
Conclusions: In today’s complex environment, smart action is essential. In a large organization like a university, acting intelligently is the most important factor in enhancing competitiveness. Security plays a crucial role across various dimensions of organizations that adopt a smart approach. The field of security is highly dynamic, with new threats constantly emerging. To address these rapidly growing threats, conceptual solutions are needed to enhance organizational security, resilience, and continuity. This research presents the conceptualization and organization of knowledge in security, as well as the creation of a platform for the development and use of common concepts
کلیدواژهها [English]
منابع
آدینه، رضا (1400). هوشمندسازی امنیت و مقابله با تهدیدات پیشرفته. تهران: موسسه فرهنگی هنری دیباگران.
آسوشه، عباس (1390). هستاننگاری:روششناسی، ابزارها و زبان های توسعه. تهران: انتشارات دانشگاه تربیت مدرس.
ثروتی، لیلا؛ ولوی، محمدرضا؛ و حورعلی، مریم (1393).کاربردهای هستانشناسی در امور نظامی و متدولوژی هستانشناسی نظامی، هفتمین کنفرانس ملی انجمن فرماندهی و کنترل (C4I) ایران؛ دانشگاه علوم و فنون هوایی شهید ستاری https://civilica.com/doc/412525
رجبی، زینب؛ و علینقیزاده اردستانی، مهدی (1398). ارائه یک روش داده محور برای توسعه معماری سازمانی با استفاده از مدل هستانشناسی سازمانی. فرماندهی و کنترل، 3(3)،16-45 http://ic4i-journal.ir/article-1-163-fa.html
صابری فر، رستم (1399). تعیین و تشخیص عوامل مؤثر در طراحی سازمان هوشمند برای مدیریت شهری. پژوهشهای جغرافیایی برنامهریزی شهری، 8(2) ، 445-467
علی آبادی، سبحان؛ محروقی، حمیدرضا؛ و زارع، مهناز (1396). ارائه مدل مرجع امنیت در چارچوب معماری سازمانی ایران؛ اولین همایش ملی پیشرفتهای معماری سازمانی دانشکده مهندسی و علوم کامپیوتر دانشگاه شهید بهشتی. https://civilica.com/doc/737972/
فتحیاندستگردی، اکرم (1399). طراحی الگوی هستانشناسی فرادادهای برای مدلسازی و بازنمون معنایی مقالات نشریات علمی در پایگاه رایسست، مرکز منطقهای اطلاع رسانی علوم و فناوری (رایسست).
قلم بر، محمد امین؛ عبادى، سید محمد علی؛ کرمى، خسرو (1401). کلان روندهاى فناورى به روایت 8 موسسه برتر مشاوره مدیریت جهان. تهران: واحد مطالعات راهبردى و آینده پژوهى شرکت سرمایه گذارى دى، انتشارات کاریز.
محروقی، حمیدرضا؛ علی آبادی، سبحان؛ و خیرخواه، محیا (1396). بررسی و مقایسه ی چارچوب ها و مدلهای امنیت در معماری سازمانی، اولین همایش ملی پیشرفت معماری سازمانی https://civilica.com/doc/7379
نجاری، رضا؛ آذر، عادل؛ و جلیلیان، حمیدرضا (1394). ارائه مدل هوشمندی سازمان: مورد مطالعه شرکت های تولیدی. مطالعات رفتار سازمانی؛ 4(1)، 1-24.
نظامی، درنا؛ و شمسعینی، فریدون (1396). پشتیبانی از تصمیمات معماری سازمانی با استفاده از هستانشناسی. همایش ملی پیشرفتهای معماری سازمانی. https://civilica.com/doc/737955
وزارت ارتباطات و فناوری اطلاعات (1402). برنامه راهبردی دولت هوشمند ایران. تهران: وزارت ارتباطات و فناوری اطلاعات.
References
Adina, R. (2021). Smartening security and dealing with advanced threats. Dibagaran Art Cultural Institute of Tehran. (In Persian)
Alberts, C. J. Dorofee, A. J. & Allen, J. H. (2001). OCTAVE catalog of practices, version 2.0. Carnegie Mellon University, Software Engineering Institute. https://doi.org/10.1184/R1/6575834.v1
Aliabadi, S., Mahrooghi, H., & Zare, M. (2016). Presenting the reference model of security in the framework of Iran's organizational architecture; 1st national conference on organizational architecture developments, Faculty of Engineering and Computer Science, Shahid Beheshti University. (In Persian) https://civilica.com/doc/737972/
Assouche, A. (2010). Ethnography: methodology, development tools and languages. Tarbiat Modares University Publications. (In Persian)
Bitton, R., Maman, N., Elovici, Y., & Shabta, A. (2021). Evaluating the cybersecurity risk of real world, machine learning production systems. arXiv, arxiv.org/abs/2107.01806 https://doi.org/10.48550/arXiv.2107.01806
Fethian Tasgardi, A. (2019). Designing a metadata ontology model for modeling and semantic representation of scientific journal articles in the Rice database. Regional Science and Technology Information Center (RAISEST). (In Persian)
Gasevic, D., Djuric, D., & Devedzi, V. )2009(. Model driven engineering and ontology development. (2nd ed.). Springer.
Gharib, M., & Mylopoulos, J. (2018). A core ontology for privacy requirements engineering. arXiv:1811.12621v1[cs.SE]. https://doi.org/10.48550/arXiv.1811.12621
Jacobs, S. )2011(. Engineering information security: The Application of Systems Engineering Concepts to Achieve Information Assurance. Wiely.
Kalfoglou, Y., & Schorlemmer, M. (2003). IF-Map: An ontology-mapping method based on information-flow theory. Journal on data semantics, 1, 98-127. https://doi.org/10.1007/978-3-540-39733-55
Kumar A. (2013). A comparative analysis of taxonomy, thesaurus and ontology. International Journal of Applied Services Marketing Perspectives, 2, 251-258.
Lang, D., & Rumsey, C. (2018). Business disruption is here to stay what should learners do? Are Business leaders prepared to handle future business disruptions? 11th IBAB International Conference.
Mahler, T., Elovici, Y. & Shahar, Y. (2020). A new methodology for information security risk assessment for medical devices and its evaluation. arXiv:2002.06938v1[CR]. https://doi.org/10.48550/arXiv.2002.06938
Mahrooqi, H., Aliabadi, S., & Khairkhah, M. (2016). Review and comparison of security frameworks and models in organizational architecture. 1st national conference on the advancement of enterprise architecture. (In Persian) https://civilica.com/doc/737951.
Manzoor, S., Vateva-Gurova, T., Trapero, R. & Suri, N. (2018). Threat modeling the cloud: An ontology based approach. In Proceedings of the International Workshop on Information and Operational Technology, 61-72. (In Persian) https://doi.org/10.1007/978-3-030-12085-6_6
Mavroeidis, V., & Bromander, S. (2021). Cyber threat intelligence model: An evaluation of taxonomies, sharing standards, and ontologies within cyber threat intelligence. 2017 European Intelligence and Security Informatics Conference (EISIC). https://doi.org/10.1109/EISIC.2017.20
Ministry of Communications and Information Technology. (2023). Iran's Smart Government Strategic Plan. Tehran: Ministry of Communications and Information Technology. (In Persian)
Najari, R., Azar, A., & Jalilian, H. (2014). Presenting the intelligence model of the organization: the study of manufacturing companies. Organizational Behavior Studies Quarterly, 4 1 (12) 1-24. (In Persian)
Nizami, D., & Shams Aini, F. (2016). Supporting enterprise architecture decisions using ontology. National Conference on Organizational Architecture Advances. (In Persian) https://civilica.com/doc/737955.
Nizami, D.; & Shams Aini, F. (2016). Supporting enterprise architecture decisions using ontology. National Conference on Organizational Architecture Advances. (In Persian) https://civilica.com/doc/737955.
Qalambar, M. A., Ebadi, S. M. A., & Karami, K. (2022). Major technological trends according to the worlds top 8 management consulting institutes. Strategic Studies and Foresight Unit of D Investment Company, Kariz Publications. (In Persian)
Qamar, T., & Bawany, N. Z. (2020). A cyber security ontology for smart city. International Journal on Information Technologies & Security, 3(12), Corpus ID: 235753202
Rajabi, Z., & Alinaghizadehardestani, M. (2018). Presenting a data-driven method for the development of enterprise architecture using the enterprise ontology model. Command and control of the third year, 3. (In Persian) http://ic4i-journal.ir/article-1-163-fa.html
Rastogi, N., Dutta, S., J. Zaki, M., Gittens, A., & Aggarwal, C. (2020). MALOnt: An ontology for malware threat intelligence. arXiv:2006.11446v1 [cs.CR]. Association for Computing Machinery. https://doi.org/10.48550/arXiv.2006.11446.
Rogushina, J., Gladun, A., Pryima, S. & Strokan, O. (2019). Ontology-based approach to validation of learning outcomes for information security domain. CEUR-WS.org 2577(3). Corpus ID: 215807305. http://www.tsatu.edu.ua/kn/wp-content/uploads/sites/16/skopus_2019.pdf
Saberifar, R. (2019). Determining and identifying effective factors in the design of intelligent organization for urban management. Urban Planning Geography Research, 8(2), 445-467. (In Persian)
Saif, A. (2014). Security Architecture as Part of Enterprise Architecture, School of Information and Communication Technology. Griffith University, Australia.
Sanagavarapu, L., Iyer, V., & Reddy, Y. (2021). OntoEnricher: A Deep learning approach for ontology enrichment from unstructured text. arXiv:2102.04081v1. https://doi.org/10.48550/arXiv.2112.08554
Sarvati, L., Valvi, M., & Hourali, M. (2013). Applications of ontology in military affairs and methodology of military ontology; The 7th National Conference of the Command and Control Association (C4I) of Iran; Shahid Sattari University of Aeronautical Sciences and Techniques; November 2013. (In Persian). https://civilica.com/doc/412525
Sarvati, L., Valvi, M. & Hourali, M. (2013). Applications of ontology in military affairs and methodology of military ontology; The 7th National Conference of the Command and Control Association (C4I) of Iran; Shahid Sattari University of Aeronautical Sciences and Techniques; November 2013. (In Persian). https://civilica.com/doc/412525
Sherwood, J., Clark, A. & Lynas, D. (2005). Enterprise Security architecture: A business-driven approach. CMP Book.
Studer, R., Benjamins, V. R., & Fensel, D. (1998(. Knowledge engineering: Principles and methods, Data & Knowledge Engineering, 25(1–2), 161–198. https://doi.org/10.1016/S0169-023X(97)00056-6
Syed, R. & Zhong, H. (2018). Cybersecurity vulnerability management: An Ontology-Based Conceptual Model. In Proceedings of the Twenty-fourth Americas Conference on Information Systems, New Orleans, LA, USA, 16-18. Corpus ID: 53046758
Van, R. (2014). Comparing Security Architectures. Lulea University of Technology, Department of Computer Science, Electrical and Space Engineering.
Wang, Z., Zhu, H.; Liu, P. & Sun, L. (2021). Social Engineering in Cybersecurity: A Domain Ontology and Knowledge Graph Application Examples. Future issue of cybersecurity (ISSN: 2523-3246). https://doi.org/10.1186/s42400-021-00094-6
Wen, S. F., & Katt, B. (2019). Managing Software Security Knowledge in Context: An Ontology Based Approach. Information, 10, 216. https://doi.org/10.3390/info10060216
Whitman, M. E. & Mattord, H. J. (2012(. Principles of information security (4th Ed.). Course Cengage Learning.
Yu, L. )2007(. Introduction to the Semantic Web and Semantic Web Services. Taylor & Francis, United States of America. https://doi.org/10.1201/978158488934