A Community Knowledge Base for IT Security
May/June 2011 (vol. 13 no. 3)
pp. 24-30
Stefan Fenz, Vienna University of Technology
Simon Parkin, Newcastle University
Aad van Moorsel, Newcastle University

Does every organization need to reinvent the wheel when it comes to IT security? Not if the IT community can develop a formal knowledge base for sharing and applying IT security management knowledge.

Index Terms:
Security and protection, knowledge management, knowledge acquisition, information technology
Stefan Fenz, Simon Parkin, Aad van Moorsel, "A Community Knowledge Base for IT Security," IT Professional, vol. 13, no. 3, pp. 24-30, May-June 2011, doi:10.1109/MITP.2011.35