Towards a generic process for security pattern integration

Andreas Fuchs, Sigrid Gürgens, Carsten Rudolph

Research output: Chapter in Book/Report/Conference proceeding, Conference Paper, Research, peer-review

4 Citations (Scopus)

Abstract

Interdependencies between different security patterns can influence the properties of a particular pattern when applied in conjunction with other patterns. The resulting properties will often be weaker due to the possibility of new attacks. In this paper we introduce a mechanism that leads towards a generic process for pattern integration. As an example, we use the interesting case in which the proper integration of two patterns provides stronger security properties than the simple unification of the two properties. Formally, this increase in security is achieved by linking parameters of refined versions of the individual properties. The example shows the combination of two different authenticity properties (authenticity of a device based on trusted platform module functionality and authenticity of a user by using SSL). Remarkably, previously proposed combinations of solutions do not satisfy the desired integrated security properties. This indicates that pattern integration requires means that go beyond simple unification. Our pattern integration process presents a first step in this direction.

Original language: English
Title of host publication: Proceedings - 20th International Workshop on Database and Expert Systems Applications, DEXA2009
Pages: 171-175
Number of pages: 5
Publication status: Published - 2009
Externally published: Yes
Event: International Workshop on Secure Systems Methodologies Using Patterns 2009 - Linz, Austria
Duration: 31 Aug 2009 - 4 Sept 2009
Conference number: 3rd
https://ieeexplore.ieee.org/xpl/conhome/5337077/proceeding (Proceedings)

Conference

Conference: International Workshop on Secure Systems Methodologies Using Patterns 2009
Abbreviated title: SPattern 2009
Country/Territory: Austria
City: Linz
Period: 31/08/09 - 4/09/09
Other: Held within the "International Conference on Database and Expert Systems Applications 2009"