An Analysis of the Security Patterns Landscape

Authors:
Thomas Heyman;Koen Yskout;Riccardo Scandariato;Wouter Joosen
Affiliations:
K.U. Leuven, Belgium;K.U. Leuven, Belgium;K.U. Leuven, Belgium;K.U. Leuven, Belgium
Venue:
SESS '07 Proceedings of the Third International Workshop on Software Engineering for Secure Systems
Year:
2007

Citing 1
Cited 11

Building secure software: how to avoid security problems the right way

Building secure software: how to avoid security problems the right way

The 3rd International Workshop on Software Engineering for Secure Systems SESS07--Dependable and Secure

ICSE COMPANION '07 Companion to the proceedings of the 29th International Conference on Software Engineering
Security Requirements Elicitation Using Method Weaving and Common Criteria

Models in Software Engineering
An architecture-centric approach to detecting security patterns in software

ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
The security twin peaks

ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Applicability of security patterns

OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems - Volume Part I
Connecting security requirements analysis and secure design using patterns and UMLsec

CAiSE'11 Proceedings of the 23rd international conference on Advanced information systems engineering
Exploring information security issues in public sector inter-organizational collaboration

EGOV'11 Proceedings of the 10th IFIP WG 8.5 international conference on Electronic government
(No) more design patterns for multi-agent systems

Proceedings of the compilation of the co-located workshops on DSM'11, TMC'11, AGERE!'11, AOOPES'11, NEAT'11, & VMIL'11
Does organizing security patterns focus architectural choices?

Proceedings of the 34th International Conference on Software Engineering
Reference deployment models for eliminating user concerns on cloud security

The Journal of Supercomputing
How to select a security requirements method? a comparative study with students and practitioners

NordSec'12 Proceedings of the 17th Nordic conference on Secure IT Systems

Quantified Score

Hi-index	0.01

Visualization

Abstract

Architectural and design patterns represent effective techniques to package expert knowledge in a reusable way. Over time, they have proven to be very successful in software engineering. Moreover, in the security discipline, a well-known principle calls for the use of standard, time-tested solutions rather than inventing ad-hoc solutions from scratch. Clearly, security patterns provide a way to adhere to this principle. However, their adoption does not live up to their potential. To understand the reasons, this paper analyzes an extensive set of published security patterns according to several dimensions and outlines the directions for improvement.