论文信息 - Security Patterns Related to Security Requirements

Security Patterns Related to Security Requirements

In the information technology environment, patterns give information system architects a method for defining reusable solutions to design problems. The purpose of using patterns is to create a reusable design element. We can obtain, in a systematic way, a security software architecture that contains a set of security design patterns from the security requirements found. Several important aspects of building software systems with patterns are not addressed yet by today’s pattern descriptions. Examples include the integration of a pattern into a partially existing design, and the combination of patterns into larger designs. Now, we want to use these patterns in our architectures, designs, and implementations.

Mario Piattini | Eduardo Fernández-Medina | David G. Rosado | Carlos Gutiérrez

[1] Markus Schumacher,et al. Security Engineering with Patterns , 2003, Lecture Notes in Computer Science.

[2] Mario R. Barbacci,et al. Quality Attribute Workshops (QAWs), Third Edition , 2003 .

[3] Miroslav Kis. Information Security Antipatterns in Software Requirements Engineering , 2002 .

[4] Eduardo B. Fernandez,et al. The Authenticator Pattern , 1999 .

[5] Jay Ramachandran,et al. Designing Security Architecture Solutions , 2002 .

[6] Murray Silverstein,et al. A Pattern Language , 1977 .

[7] Mourad Debbabi,et al. Security Design Patterns: Survey and Evaluation , 2006, 2006 Canadian Conference on Electrical and Computer Engineering.

[8] Donald Firesmith,et al. Common Concepts Underlying Safety, Security, and Survivability Engineering , 2003 .

[9] Ralph Johnson,et al. design patterns elements of reusable object oriented software , 2019 .

[10] Ricardo Dahab,et al. Tropyc: A Pattern Language for Cryptographic Software , 1998 .

[11] Xiaowen Wang,et al. Supporting Security Sensitive Architecture Design , 2005, QoSA/SOQUA.

[12] Donald Firesmith,et al. Specifying Reusable Security Requirements , 2004, J. Object Technol..

[13] Joseph W. Yoder,et al. Architectural Patterns for Enabling Application Security , 1998 .

[14] Eduardo B. Fernandez,et al. A pattern language for security models , 2001 .