Andreas Wiesauer, Johannes Sametinger,
"A Security Design Pattern Taxonomy based on Attack Patterns"
: International Joint Conference on e-Business and Telecommunications, Milan, Italy, July 7-10, 2009, Seite(n) 387-394, 2009
A Security Design Pattern Taxonomy based on Attack Patterns
Sprache des Titels:
International Joint Conference on e-Business and Telecommunications, Milan, Italy, July 7-10, 2009
Security design patterns are proven solutions to security problems in a given context with constructive measures of how to design certain parts of a software system. The literature contains numerous definitions, examples, and taxonomies of such patterns. There are also a few quality criteria for them. We suggest a new taxonomy based on attack patterns in order to enhance applicability of security design patterns especially for non-experts in software security. We further suggest a combined consideration of attack patterns, security design patterns and test cases for the validation and evaluation of security design Patterns.