Home // International Journal On Advances in Security, volume 4, numbers 3 and 4, 2011 // View article

A New Pattern Template to Support the Design of Security Architectures: A Case Study

Authors:
Santiago Moral-García
Roberto Ortiz
Santiago Moral-Rubio
Javier Garzás
Eduardo Fernández-Medina

Keywords: information security engineering; security architectures; security technologies; security patterns; real environments

Abstract:
New work paradigms are emerging in the information technology sector, which are causing changes in the technological infrastructures of organizations’ information systems. Organizations should adapt to all these changes in order to guarantee the confidentiality, integrity and availability of their information assets. Organizations should therefore seek support from security architectures. A good means to design security architectures is through the use of security patterns. After carrying out a systematic review of security patterns, we observed that the vast majority of current security patterns are oriented towards the production of security mechanisms, such as secure access systems or secure authentication systems. This type of patterns may be extremely useful to those security engineers who work on the production of this type of mechanisms, but they cannot be applied by a wide sector of security engineers who work in the development of security architectures. In a previous work, we proposed a new pattern template in order to complement security patterns and make them more applicable to security architecture design environments. In this paper, which is an evolution of the work mentioned above, we have validated the proposed template with a case study. This case study also provides a new security solution to ensure external accesses to organizations’ production environments.

Pages: 173 to 184

Copyright: Copyright (c) to authors, 2011. Used with permission.

Publication date: April 30, 2012

Published in: journal

ISSN: 1942-2636