Organizing Security Patterns Related to Security and Pattern Recognition Requirements

Bunke, Michaela; Koschke, Rainer; Sohr, Karsten

Home // International Journal On Advances in Security, volume 5, numbers 1 and 2, 2012 // View article

Organizing Security Patterns Related to Security and Pattern Recognition Requirements

Authors:
Michaela Bunke
Rainer Koschke
Karsten Sohr

Keywords: Security Patterns, Design Patterns

Abstract:
Software security is an emerging area in software development. More and more vulnerabilities are published and highlight the endangerment of systems. Hence, software designers and programmers are increasingly faced with the need to apply security solutions to software systems. Security patterns are best practices to handle recurring security problems. The abundance of documented security patterns calls for meaningful classifications to ease searching and assessing the right pattern for a security problem at hand. Existing classifications for security patterns consider only a small number of patterns and their purpose is often focused on implementation issues. Therefore, we identify missing aspects in existing classifications and the similarities between design and security pattern classifications. Based on that, we introduce two new classification schemes. The first is based on application domains formed by a literature survey on security patterns published in the period of 1997 to mid-2012 to cover the whole bandwidth of existing security patterns. The second is based on a subset of the collected patterns that are concerned with software and combines pattern-recognition needs and security aspects.

Pages: 46 to 67

Publication date: June 30, 2012

Published in: journal

ISSN: 1942-2636