Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 1 of 1
Full-Text Articles in Computer Engineering
Categorization Of Security Design Patterns, Jeremiah Y. Dangler
Categorization Of Security Design Patterns, Jeremiah Y. Dangler
Electronic Theses and Dissertations
Strategies for software development often slight security-related considerations, due to the difficulty of developing realizable requirements, identifying and applying appropriate techniques, and teaching secure design. This work describes a three-part strategy for addressing these concerns. Part 1 provides detailed questions, derived from a two-level characterization of system security based on work by Chung et. al., to elicit precise requirements. Part 2 uses a novel framework for relating this characterization to previously published strategies, or patterns, for secure software development. Included case studies suggest the framework's effectiveness, involving the application of three patterns for secure design (Limited View, Role-Based Access Control, …