Using a variety of patterns in a secure software development methodology

Eduardo B. Fernandez, Nobukazu Yoshioka

Research output: Contribution to journalConference articlepeer-review

Abstract

Building secure software systems requires the application of a systematic methodology. A security methodology includes a security process and a conceptual security framework consisting of security artifacts such as patterns. In this work we consider systems designed using patterns. In previous work we proposed a secure systems development methodology that uses security patterns. This methodology applies security throughout the whole lifecycle and considers all architectural levels. As part of this work we have produced a variety of security patterns. As it is difficult for designers to select security patterns, we proposed SSFs (Security Solution Frames), which are hierarchical combinations of related patterns. We introduce now a new artifact, the Security Cluster, an application-oriented combination of SSFs which further facilitates the use of security patterns to build secure applications. We also present a metamodel to get a perspective of the use of these artifacts.

Original languageEnglish
Pages (from-to)26-32
Number of pages7
JournalCEUR Workshop Proceedings
Volume2809
Publication statusPublished - 2021
Externally publishedYes
Event2018 International Workshop on Evidence-Based Security and Privacy in the Wild and the 1st International Workshop on Machine Learning Systems Engineering, WESPr-iMLSE 2018 - Nara, Japan
Duration: 2018 Dec 4 → …

Keywords

  • Secure software development
  • Security patterns
  • Software architecture
  • Software security
  • Systems security

ASJC Scopus subject areas

  • Computer Science(all)

Fingerprint

Dive into the research topics of 'Using a variety of patterns in a secure software development methodology'. Together they form a unique fingerprint.

Cite this