Harmonised Taxonomies of Security and Resilience: A Suitable Foundation for the Security Discipline

Abstract

Security is an enduring priority for both individuals and communities. For generations, people have sought to secure their lives, their possessions and their freedoms. Methods such as locks, fences, identity cards, and passbooks have been used for many years to provide security against physical attack, crime, espionage, and terrorism. As a result, many national governments, standards organisations, think tanks, academics and commentators have developed or proposed security methods. Yet none of these methods has had a lasting impact on the current, sometimes catastrophic, security challenges faced in modern society. Part of the reason for this is that these methods use or rely upon terminology that is confusing, inconsistent, incomplete, or contains language specific to the physical, personnel, or electronic domains.

While domain-specific ontologies may have utility within their respective security domain, domain-specific language tends to become confused when applied to another domain. Yet physical, personnel, and electronic security experts have a common problem in that they each contribute to a broader organisational security objective. Therefore, these experts require a common language that allows them to share domain expertise with peers and management.

This thesis presents harmonised taxonomies of security and resilience that can be applied across the physical, personnel, and electronic security domains. These taxonomies provide an ordered set of terms to organise thinking and facilitate data and information sharing throughout the security discipline.

A mixed-method approach is applied to this research in a sequential exploratory strategy. Current security and resilience ontologies and taxonomies, terminology and definitions are analysed to demonstrate their inadequacy in modern security scenarios. Functional decomposition is used to derive new taxonomies of security and resilience. Case studies that span the physical, personnel, and electronic security domains are used to provide the experimental context to test the utility and adequacy of the new harmonised taxonomies, using an established security risk assessment framework. The results of the research are triangulated by the conduct of a modified Delphi survey using security experts from across the physical, personnel, and electronic security domains to validate and refine the new taxonomies of security and resilience.