Category Archives: Patterns

Pattern Contributions at Conferences & Workshops

We are aware of the following contributions which focus on security (and somehow related) patterns. In order to reflect the evolution of security patterns they are presented in chronological order (most recent patterns first).

Posted in Patterns | Comments Off on Pattern Contributions at Conferences & Workshops

Information Security Antipatterns in Software Requirements Engineering

Abstract: “Requirements engineering is one of the key activities in the software development process. The rapid expansion of e-commerce and internet applications increases the need for adequate application security. Yet, conventional requirements engineering methodologies rarely mention information security aspects. The … Continue reading

Posted in Patterns | Leave a comment

Information Security Antipatterns in Software Requirements Engineering

“Requirements engineering is one of the key activities in the software development process. The rapid expansion of e-commerce and internet applications increases the need for adequate application security. Yet, conventional requirements engineering methodologies rarely mention information security aspects. The information … Continue reading

Posted in Patterns | Leave a comment

Security Design Patterns

These patterns extend Yoder’s Application Security patterns to the network level. Sasha wrote: “These are a good start, but when we consider the issues that arise when securing a networked application there are others that will apply.” Enjoy reading.

Posted in Patterns | Leave a comment

A Pattern Language for Key Management

Abstract: Many services in a distributed public network − like the Internet − require secure communications. Security in communications consists of integrity, authenticity, confidentiality and non−repudiability. These aims can be achieved with cryptography. Key management plays a fundamental role in secure … Continue reading

Posted in Patterns | Leave a comment

A Pattern Language for Security Models

Abstract: Security is a serious problem in the Internet and it is necessary to build new systems incorporating security as integral part of their design. The use of patterns is a good tool to help designers build secure systems. We discuss … Continue reading

Posted in Patterns | Leave a comment

Metadata and Authorization Patterns

Abstract: We consider the use of metalevels in a hierarchically layered architecture for objectoriented systems and we look at the specification of authorization rules in a specific metalevel. These constraints can be defined using patterns and are enforced by the … Continue reading

Posted in Patterns | Leave a comment

The Object Filter and Access Control Framework

Abstract: The amount of data available in the Internet is growing every day. It has become necessary to protect and filter out this data for institutional and legislative reasons. We assume here that data is stored as objects in a … Continue reading

Posted in Patterns | Leave a comment

The Authenticator Pattern

Abstract: A server system acting as a repository of objects available to a variety of unrelated distributed clients is likely to require a means to restrict access based on the identity of the requesting client. Identification and authentication protocols are … Continue reading

Posted in Patterns | Leave a comment

A Pattern Language for Cryptographic Software

Patterns contained are: Information Secrecy Message Authentication Message Integrity Sender Authentication Secrecy with Authentication Secrecy with Signature Secrecy with Integrity Signature with Appendix Secrecy with Signature with Appendix Enjoy reading this piece of work.

Posted in Patterns | Leave a comment