Security engineering with patterns

Schumacher, Markus and Roedig, Utz (2001) Security engineering with patterns. In: Proceedings of the 8th Conference on Pattern Languages of Programs (PLoP 2001) :. UNSPECIFIED.

[thumbnail of plop01schumacher.pdf]
plop01schumacher.pdf - Submitted Version

Download (150kB)


Conducting digital business requires secure network and application architectures. The recently increasing occurrence of severe attacks has shown, however, that we will still need quite some time and effort to reach security standards of IT systems alike the standard already usual in other fields. At present, there is a huge gap between theory and the code of practice. Whereas scientists work on formal approaches for the specification and verification of security requirements, practitioners have to meet the users requirements. The Pattern Community recognized this problem, too. Patterns literally capture the experience from experts in a structured way. Thus novices can benefit from know-how and skills of experts. Hence, we propose to apply the pattern approach to the security problem. We show that recent security approaches are not sufficient and describe how Security Patterns contribute to the overall process of security engineering. A Security Pattern System provides linkage between Security Patterns. Thus dependencies between specific security problems can be considered in a comprehensive way.

Item Type:
Contribution in Book/Report/Proceedings
Uncontrolled Keywords:
?? qa75 electronic computers. computer science ??
ID Code:
Deposited By:
Deposited On:
18 Dec 2012 15:15
Last Modified:
11 Apr 2024 23:36