A Security Engineering Process based on Patterns

Authors:
Denis Hatebur;Maritta Heisel;Holger Schmidt
Affiliations:
ITESYS, Germany/ University of Duisburg-Essen, Germany;University of Duisburg-Essen, Germany;University of Duisburg-Essen, Germany
Venue:
DEXA '07 Proceedings of the 18th International Conference on Database and Expert Systems Applications
Year:
2007

Citing 0
Cited 6

From security patterns to implementation using petri nets

Proceedings of the fourth international workshop on Software engineering for secure systems
A Formal Metamodel for Problem Frames

MoDELS '08 Proceedings of the 11th international conference on Model Driven Engineering Languages and Systems
Pattern-Based Confidentiality-Preserving Refinement

ESSoS '09 Proceedings of the 1st International Symposium on Engineering Secure Software and Systems
Extended Software Architecture Based on Security Patterns

Informatica
Identification of security requirements in systems of systems by functional security analysis

Architecting dependable systems VII
Threat and Risk-Driven Security Requirements Engineering

International Journal of Mobile Computing and Multimedia Communications

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present a security engineering process based on security problem frames and concretized security problem frames. Both kinds of frames constitute patterns for analyzing security problems and associated solution approaches. They are arranged in a pattern system that makes dependencies between them explicit. We describe step-by-step how the pattern system can be used to analyze a given security problem and how solution approaches can be found. Further, we introduce a new frame that focuses on the privacy requirement anonymity.