TY - GEN
T1 - Classifying security patterns
AU - Fernandez, Eduardo B.
AU - Washizaki, Hironori
AU - Yoshioka, Nobukazu
AU - Kubo, Atsuto
AU - Fukazawa, Yoshiaki
PY - 2008
Y1 - 2008
N2 - Patterns combine experience and good practices to develop basic models that can be used for new designs. Security patterns join the extensive knowledge accumulated about security with the structure provided by patterns to provide guidelines for secure system design and evaluation. In addition to their value for new system design, security patterns are useful to evaluate existing systems. They are also useful to compare security standards and to verify that products comply with some standard. A variety of security patterns has been developed for the construction of secure systems and catalogs of them are appearing. However, catalogs of patterns are not enough because the designer does not know when and where to apply them, especially in a large complex system. We discuss here several ways to classify patterns. We show a way to use these classifications through pattern diagrams where a designer can navigate to perform her pattern selection.
AB - Patterns combine experience and good practices to develop basic models that can be used for new designs. Security patterns join the extensive knowledge accumulated about security with the structure provided by patterns to provide guidelines for secure system design and evaluation. In addition to their value for new system design, security patterns are useful to evaluate existing systems. They are also useful to compare security standards and to verify that products comply with some standard. A variety of security patterns has been developed for the construction of secure systems and catalogs of them are appearing. However, catalogs of patterns are not enough because the designer does not know when and where to apply them, especially in a large complex system. We discuss here several ways to classify patterns. We show a way to use these classifications through pattern diagrams where a designer can navigate to perform her pattern selection.
KW - Pattern classification
KW - Secure system development
KW - Security patterns
KW - System architecture
UR - http://www.scopus.com/inward/record.url?scp=43749110915&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=43749110915&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-78849-2_35
DO - 10.1007/978-3-540-78849-2_35
M3 - Conference contribution
AN - SCOPUS:43749110915
SN - 3540788484
SN - 9783540788485
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 342
EP - 347
BT - Progress in WWW Research and Development - 10th Asia-Pacific Web Conference, APWeb 2008, Proceedings
T2 - 10th Asia Pacific Conference on Web Technology, APWeb 2008
Y2 - 26 April 2008 through 28 April 2008
ER -