Security Patterns Template and Tutorial - Darrell M. Kienzle, Ph.D., Matthew C. Elder, Ph.D., David S. Tyree, James Edwards-Hewitt Presented by Dan Frohlich.


Overview
What is a Pattern?
What is a Security Pattern?
The Security Pattern Template.
Related Work.

What is a Pattern?
Developed by Christopher Alexander for Architectural and Urban Planning
Made popular for software design by GoF.
Definition: A solution to a problem in a context.
  – Summary, solution and impact
  – Expanded to include recurrence, a teaching component, and a name by J. Vlissides (GoF)

Variations
Architectural patterns.
  – Enterprise Level (System Patterns)
AntiPatterns.
  – Document common mistakes
Pattern Languages.
  – Families of solutions good for OO Frameworks.

What is a Security Pattern?
Technique for encapsulating and disseminating security expertise.
Some but not all are design Patterns
Structural Security Patterns
  – Like GoF Design Patterns
Procedural Security Patterns
  – Improve the development process of secure software

Audience drives Level of Detail
Concepts
  – General Strategies like “Least Privilege”
Classes of Patterns
  – General problem area with many solutions
Patterns
  – General enough to be used in many circumstances
Examples
  – A worked solution for a specific problem instance

The Security Pattern Template.
Pattern Name
  – Noun describing a thing to be built. (Structural)
  – Verb describing recommended action. (Procedural)
Abstract
  – Describes intent/purpose
  – Independent of context
  – Indicates limits on applicability.

The Security Pattern Template.
Aliases
  – Also Known As
Problem
  – Context for application
  – Motivation for use
Solution
  – Applicability / Rationale
  – How the Pattern solves the Problem

The Security Pattern Template.
Static Structure
  – Includes a Diagram if applicable or a note if not
  – Enumerates the components of the Diagram
Dynamic Structure
  – Collaborations
  – Outlines Component interactions

The Security Pattern Template.
Implementation Issues
  – Detailed hints and techniques
  – Identify pitfalls, and guide reader around them
Common attacks
  – Identify attacks that interact with this pattern
  – Links to public databases

The Security Pattern Template.
Known Uses
  – Cite examples of this pattern from all 3 levels when possible.
  – Code Level
      Rely on language features.
  – System Level
      Rely on OS features
  – Network Level
      Implemented with network level components.

The Security Pattern Template.
Sample Code
  – Presented whenever possible.
  – Adds tangibility to an abstract idea.
Consequences
  – Each area should be discussed.
  – Accountability, Confidentiality, Integrity, Availability, Performance, Cost, Manageability, Usability

The Security Pattern Template.
Related Patterns
  – Reference related patterns and the nature of the relationship
References
  – Enumerate citations related to the pattern
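
A draft pattern write-up can be checked mechanically against the template sections listed above. The following is an added example, not code from the presentation or the paper it covers: it assumes a plain-text "Heading: text" layout, treats only Sample Code as optional and missing Known Uses levels as warnings, and the draft pattern in it is constructed.

```python
import re
# Section names and rules come from the template slides; the "Heading: text"
# layout and the error/warning split are assumptions of this example.
SECTIONS = ["Pattern Name", "Abstract", "Aliases", "Problem", "Solution", "Static Structure",
            "Dynamic Structure", "Implementation Issues", "Common Attacks", "Known Uses",
            "Sample Code", "Consequences", "Related Patterns", "References"]
AREAS = ["Accountability", "Confidentiality", "Integrity", "Availability",
         "Performance", "Cost", "Manageability", "Usability"]
LEVELS = ["Code Level", "System Level", "Network Level"]

def parse_pattern(text):  # -> {canonical section name: body text}
    canon = {s.lower(): s for s in SECTIONS}
    doc, current = {}, None
    for line in text.splitlines():
        m = re.match(r"\s*([A-Za-z ]+?)\s*:\s*(.*)$", line)
        if m and m.group(1).lower() in canon:      # a template heading starts here
            current, line = canon[m.group(1).lower()], m.group(2)
        if current:                                # other lines continue the section
            doc.setdefault(current, []).append(line)
    return {name: "\n".join(body).strip() for name, body in doc.items()}

def check_pattern(text):  # -> list of findings; empty means the template is covered
    doc = parse_pattern(text)
    out = [f"error: section '{s}' missing or empty"   # Sample Code: "whenever possible"
           for s in SECTIONS if s != "Sample Code" and not doc.get(s)]
    cons = doc.get("Consequences", "").lower()        # each area should be discussed
    out += [f"error: Consequences does not discuss {a}"
            for a in AREAS if cons and not re.search(rf"\b{a.lower()}\b", cons)]
    uses = doc.get("Known Uses", "").lower()          # all 3 levels "when possible"
    out += [f"warning: Known Uses cites no {lv} example"
            for lv in LEVELS if uses and lv.lower() not in uses]
    return out

# Constructed draft: no Common Attacks, Consequences skips Cost and
# Usability, Known Uses has no network-level example.
DRAFT = """Pattern Name: Session Timeout
Abstract: End idle sessions so an unattended terminal cannot be reused.
Aliases: Idle Logout
Problem: Users leave authenticated sessions open on shared machines.
Solution: Require re-authentication after a period without activity.
Static Structure: No diagram; components are a session store and a timer.
Dynamic Structure: Each request resets the timer; expiry deletes the session.
Implementation Issues: Enforce expiry on the server, not only in the client.
Known Uses: Code Level: session objects with an idle limit. System Level: screen lock.
Consequences: Confidentiality and integrity improve; accountability, availability,
performance and manageability are unchanged.
Related Patterns: Authenticated Session (constructed name)
References: (constructed placeholder)"""
if __name__ == "__main__":
    print("\n".join(check_pattern(DRAFT)))
```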

Related Work
Security Properties of Design Patterns
  – Security ramifications of GoF
NRL Patterns work
  – Formal verification of security-critical software
  – Collaborative site for security pattern developers

Related Work (cont.)
OpenGroup Security Forum
  – Developing a library of architectural security patterns.

Questions