论文信息 - Security Design Patterns: Survey and Evaluation

Security Design Patterns: Survey and Evaluation

Security design patterns have been proposed recently as a tool for the improvement of software security during the architecture and design phases. Since the appearance of this research topic in 1997, several catalogs have emerged, and the security pattern community has produced significant contributions, with many related to design. In this paper, we survey major contributions in the state of the art in the field of security design patterns and assess their quality in the context of an established classification. From our results, we determined a classification of inappropriate pattern qualities. Using a six sigma approach, we propose a set of desirable properties that would prevent flaws in new design patterns, as well as a template for expressing them

[1] Ralph Johnson,et al. design patterns elements of reusable object oriented software , 2019 .

[2] Joseph W. Yoder,et al. Architectural Patterns for Enabling Application Security , 1998 .

[3] Eduardo B. Fernández,et al. A Pattern System for Access Control , 2004, DBSec.

[4] Ricardo Dahab,et al. Tropyc: A Pattern Language for Cryptographic Software , 1998 .

[5] Susan Carlson Skalak. House of Quality , 2002 .

[6] Eduardo B. Fernandez,et al. A pattern language for security models , 2001 .

[7] Eduardo B. Fernandez,et al. The Authenticator Pattern , 1999 .