A Methodology for Mining Security Tactics from Security Patterns

Although many aids such as architectural styles and patterns are now available for software architects, making optimal design decisions on appropriate architectural structures still requires significant creativity. In an effort to introduce a more direct link between an architectural decision and its consequences, a finer grained architectural concept called a tactic has emerged. Since its introduction, many tactics have been identified and used in real- life applications. However, the number of tactics discovered is not sufficient to cover all the necessary aspects of architectural decision making. The tactics could be created from scratch, but it would be more efficient if tactics could be mined from a proven source. One possible source is any architectural pattern that consists of tactics. Therefore, in this paper we propose a novel way to retrieve tactics from well known patterns. Among the many different types of existing patterns, this paper focuses on security patterns.