Classifying security patterns

Eduardo B. Fernandez; Hironori Washizaki; Nobukazu Yoshioka; Atsuto Kubo; Yoshiaki Fukazawa

doi:10.1007/978-3-540-78849-2_35

Classifying security patterns

Eduardo B. Fernandez, Hironori Washizaki, Nobukazu Yoshioka, Atsuto Kubo, Yoshiaki Fukazawa

School of Fundamental Science and Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

29 Citations (Scopus)

Abstract

Patterns combine experience and good practices to develop basic models that can be used for new designs. Security patterns join the extensive knowledge accumulated about security with the structure provided by patterns to provide guidelines for secure system design and evaluation. In addition to their value for new system design, security patterns are useful to evaluate existing systems. They are also useful to compare security standards and to verify that products comply with some standard. A variety of security patterns has been developed for the construction of secure systems and catalogs of them are appearing. However, catalogs of patterns are not enough because the designer does not know when and where to apply them, especially in a large complex system. We discuss here several ways to classify patterns. We show a way to use these classifications through pattern diagrams where a designer can navigate to perform her pattern selection.

Original language	English
Title of host publication	Progress in WWW Research and Development - 10th Asia-Pacific Web Conference, APWeb 2008, Proceedings
Pages	342-347
Number of pages	6
DOIs	https://doi.org/10.1007/978-3-540-78849-2_35
Publication status	Published - 2008
Event	10th Asia Pacific Conference on Web Technology, APWeb 2008 - Shenyang, China Duration: 2008 Apr 26 → 2008 Apr 28

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	4976 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	10th Asia Pacific Conference on Web Technology, APWeb 2008
Country/Territory	China
City	Shenyang
Period	08/4/26 → 08/4/28

Keywords

Pattern classification
Secure system development
Security patterns
System architecture

ASJC Scopus subject areas

Theoretical Computer Science
Computer Science(all)

Access to Document

10.1007/978-3-540-78849-2_35

Cite this

Fernandez, E. B., Washizaki, H., Yoshioka, N., Kubo, A., & Fukazawa, Y. (2008). Classifying security patterns. In Progress in WWW Research and Development - 10th Asia-Pacific Web Conference, APWeb 2008, Proceedings (pp. 342-347). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4976 LNCS). https://doi.org/10.1007/978-3-540-78849-2_35

Classifying security patterns. / Fernandez, Eduardo B.; Washizaki, Hironori ; Yoshioka, Nobukazu et al.
Progress in WWW Research and Development - 10th Asia-Pacific Web Conference, APWeb 2008, Proceedings. 2008. p. 342-347 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4976 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Fernandez, EB, Washizaki, H , Yoshioka, N, Kubo, A & Fukazawa, Y 2008, Classifying security patterns. in Progress in WWW Research and Development - 10th Asia-Pacific Web Conference, APWeb 2008, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 4976 LNCS, pp. 342-347, 10th Asia Pacific Conference on Web Technology, APWeb 2008, Shenyang, China, 08/4/26. https://doi.org/10.1007/978-3-540-78849-2_35

Fernandez EB, Washizaki H , Yoshioka N, Kubo A, Fukazawa Y. Classifying security patterns. In Progress in WWW Research and Development - 10th Asia-Pacific Web Conference, APWeb 2008, Proceedings. 2008. p. 342-347. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-540-78849-2_35

@inproceedings{f05c24c2fa8b45069415383e5b97681d,

title = "Classifying security patterns",

abstract = "Patterns combine experience and good practices to develop basic models that can be used for new designs. Security patterns join the extensive knowledge accumulated about security with the structure provided by patterns to provide guidelines for secure system design and evaluation. In addition to their value for new system design, security patterns are useful to evaluate existing systems. They are also useful to compare security standards and to verify that products comply with some standard. A variety of security patterns has been developed for the construction of secure systems and catalogs of them are appearing. However, catalogs of patterns are not enough because the designer does not know when and where to apply them, especially in a large complex system. We discuss here several ways to classify patterns. We show a way to use these classifications through pattern diagrams where a designer can navigate to perform her pattern selection.",

keywords = "Pattern classification, Secure system development, Security patterns, System architecture",

author = "Fernandez, {Eduardo B.} and Hironori Washizaki and Nobukazu Yoshioka and Atsuto Kubo and Yoshiaki Fukazawa",

year = "2008",

doi = "10.1007/978-3-540-78849-2_35",

language = "English",

isbn = "3540788484",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

pages = "342--347",

booktitle = "Progress in WWW Research and Development - 10th Asia-Pacific Web Conference, APWeb 2008, Proceedings",

note = "10th Asia Pacific Conference on Web Technology, APWeb 2008 ; Conference date: 26-04-2008 Through 28-04-2008",

}

TY - GEN

T1 - Classifying security patterns

AU - Fernandez, Eduardo B.

AU - Washizaki, Hironori

AU - Yoshioka, Nobukazu

AU - Kubo, Atsuto

AU - Fukazawa, Yoshiaki

PY - 2008

Y1 - 2008

N2 - Patterns combine experience and good practices to develop basic models that can be used for new designs. Security patterns join the extensive knowledge accumulated about security with the structure provided by patterns to provide guidelines for secure system design and evaluation. In addition to their value for new system design, security patterns are useful to evaluate existing systems. They are also useful to compare security standards and to verify that products comply with some standard. A variety of security patterns has been developed for the construction of secure systems and catalogs of them are appearing. However, catalogs of patterns are not enough because the designer does not know when and where to apply them, especially in a large complex system. We discuss here several ways to classify patterns. We show a way to use these classifications through pattern diagrams where a designer can navigate to perform her pattern selection.

AB - Patterns combine experience and good practices to develop basic models that can be used for new designs. Security patterns join the extensive knowledge accumulated about security with the structure provided by patterns to provide guidelines for secure system design and evaluation. In addition to their value for new system design, security patterns are useful to evaluate existing systems. They are also useful to compare security standards and to verify that products comply with some standard. A variety of security patterns has been developed for the construction of secure systems and catalogs of them are appearing. However, catalogs of patterns are not enough because the designer does not know when and where to apply them, especially in a large complex system. We discuss here several ways to classify patterns. We show a way to use these classifications through pattern diagrams where a designer can navigate to perform her pattern selection.

KW - Pattern classification

KW - Secure system development

KW - Security patterns

KW - System architecture

UR - http://www.scopus.com/inward/record.url?scp=43749110915&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=43749110915&partnerID=8YFLogxK

U2 - 10.1007/978-3-540-78849-2_35

DO - 10.1007/978-3-540-78849-2_35

M3 - Conference contribution

AN - SCOPUS:43749110915

SN - 3540788484

SN - 9783540788485

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 342

EP - 347

BT - Progress in WWW Research and Development - 10th Asia-Pacific Web Conference, APWeb 2008, Proceedings

T2 - 10th Asia Pacific Conference on Web Technology, APWeb 2008

Y2 - 26 April 2008 through 28 April 2008

ER -

Classifying security patterns

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this