An Ontological Approach to Situational Awareness Applied to Information Security

The typical infrastructures of Ubiquitous Computing assume characteristics of flexibility regarding the connectivity in the environments. Aiming security in these scenarios, several solutions are deployed in its own syntax languages, providing events in different formats. In this sense, Situation Awareness, as a strategy capable of integrating events from different sources, becomes a requirement for the controls implementation. This work proposes an ontological approach to SA applied to the information security domain, called EXEHDA-SO. The proposal was evaluated based on a real infrastructure, showing itself capable of handling heterogeneous events from different contextual source.