Issues Affecting Security Design Pattern Engineering
نویسندگان
چکیده
Security Design Patterns present the tried and tested design decisions made by security engineers within a well documented format. Patterns allow for complex security concepts, and mechanisms, to be expressed such that non-domain experts can make use of them. Our research is concerned with the development of pattern languages for advanced crypto-systems. From our experience developing pattern languages we have encountered several recurring issues within security design pattern engineering. These issues, if not addressed, will affect the adoption of security design patterns. This paper describes these issues and discusses how they could be addressed.
منابع مشابه
Introducing Security in a Chemical Engineering Design Course Using Adaptive Online Learning
The Education program of the NSF TRUST Science and Technology Center aims to develop and disseminate on-line learning resources that can be used by educators to address security issues in multiple disciplines and multi-disciplinary contexts. We report on a pilot project for this approach where an on-line module was created to introduce security issues in a chemical engineering capstone design c...
متن کاملPattern Recognition Systems under Attack: Design Issues and Research Challenges
We analyze the problem of designing pattern recognition systems in adversarial settings, under an engineering viewpoint, motivated by their increasing exploitation in security-sensitive applications like spam and malware detection, despite their vulnerability to potential attacks has not yet been deeply understood. We first review previous work and report examples of how a complex system may be...
متن کاملModel Driven Security: From UML Models to Access Control Infrastructres
Requirements affecting security are often poorly integrated in the overall system software development process. Reasons for this may be differences in the activities carried out to achieve the project goal or the kind of used representations (text vs. graphical representation). As a consequence the security engineering part, which deals with the mentioned security sensitive aspects, is often ca...
متن کاملSurvey: Classification & Validation of Security Patterns in SDLC
In software engineering, expert guidance is encapsulated in the form of security design patterns which provide reusable solutions to recurring security specific problems. More security design patterns catalogs are available and the security pattern community has produced significant contributions with this patterns, many of them are applicable to design phase. We believe it is better to explain...
متن کاملA Business Process Engineering Based Approach Towards Incorporating Security in the Design of Global Information Systems
IT security has become one of the key issues in information systems and the more global an information system, the bigger the threats it becomes exposed to. The technology to make information systems safe exists, however organisational and design aspects of such systems still need to be addressed. Security is usually not dealt with at the level of business processes and so security policies are...
متن کامل