Security Engineering with Patterns [electronic resource] :Origins, Theoretical Model, and New Applications /
Contributor(s): SpringerLink (Online service).Material type: BookSeries: Lecture Notes in Computer Science: 2754Publisher: Berlin, Heidelberg : Springer Berlin Heidelberg, 2003.Description: XIV, 210 p. online resource.Content type: text Media type: computer Carrier type: online resourceISBN: 9783540451808.Subject(s): Computer science | Science | Computer communication systems | Software engineering | Operating systems (Computers) | Computers and civilization | Management information systems | Computer Science | Software Engineering | Science, general | Computer Communication Networks | Operating Systems | Computers and Society | Management of Computing and Information SystemsOnline resources: Click here to access online
1. Introduction -- 2. Patterns in Software Development -- 3. Ontologies -- 4. The Human Factor -- 5. Classifying Security Improvement Artifacts -- 6. Toward a Security Core Ontology -- 7. Foundations of Security Patterns -- 8. A Theoretical Model for Security Patterns -- 9. New Applications of Security Patterns -- 10. Summary and Outlook -- A. Sources for Mining Security Patterns -- B. Example Security Patterns and Annotations -- C. Ontology Development -- D. F-Logic Primer -- E. Gaining Security Expertise.
For quite some time, in systems and software design, security only came as a second thought or even as a nice-to-have add-on. However, since the breakthrough of the Internet as a virtual backbone for electronic commerce and similar applications, security is now recognized as a fundamental requirement. This book presents a systematic security improvement approach based on the pattern paradigm. The author first clarifies the key concepts of security patterns, defines their semantics and syntax, demonstrates how they can be used, and then compares his model with other security approaches. Based on the author's model and best practice in security patterns, security novices are now in a position to understand how security experts solve problems and can basically act like them by using the patterns available as building blocks for their designs.