Patterns encapsulate experience and good practices that can be used for new designs. Analysis and design patterns are well established as a convenient and reusable way to build high-quality object-oriented software. Security patterns join the extensive knowledge accumulated about security with the structure provided by patterns to provide guidelines for secure system design and evaluation. A variety of security patterns has been developed for the construction of secure systems. We survey the security patterns developed by our group and a few other researchers. We apply these patterns through a secure system development method based on a hierarchical architecture whose layers define the scope of each security mechanism. We are building a catalog of security patterns that helps in defining the security mechanisms at each architectural level and at each development stage. In addition to their value for new system design, security patterns are useful to evaluate existing systems by analyzing if they include specific patterns or not. They are also useful to compare security standards and to verify that products comply with the standard. Finally, we have found security patterns very valuable for teaching security concepts and mechanisms. © Springer Science + Business Media, LLC 2009.
CITATION STYLE
Fernandez, E. B. (2009). Security patterns and a methodology to apply them. Advances in Information Security, 45, 37–46. https://doi.org/10.1007/978-0-387-88775-3_3
Mendeley helps you to discover research relevant for your work.