|
Design patterns can be applied to achieve goals in the area of security. All of the classical design patterns have different instantiations to fulfill some information security goal: such as confidentiality, integrity, and availability. Additionally, one can create a new design pattern to specifically achieve some security goal. == Existing security pattern == The pattern community has provided a collection of security patterns, which were discussed in workshops at Pattern Languages of Programs (PLoP) conferences. They have been unified and published in a joint project.〔Markus Schumacher, Eduardo Fernandez-Buglioni, Duane Hybertson, Frank Buschmann, Peter Sommerlad. Security Patterns: Integrating Security and Systems Engineering, Wiley Series in Software Design Patterns, 2005.〕 Munawar Hafiz and colleagues worked with Ward Cunningham and Microsoft Patterns and Practices group on a comprehensive catalog of all published security patterns. They have also explored how to classify the patterns in small groups〔Munawar Hafiz, Paul Adamczyk and Ralph Johnson. Organizing Security Patterns. In IEEE Software Special Issue on Software Patterns, Jul/Aug 2007〕 and how to organize them using a pattern language.〔Munawar Hafiz, Paul Adamczyk and Ralph Johnson. Growing a Pattern Language (for Security). In Proceedings of the 27th Object-Oriented Programming, Systems, Languages and Applications, OOPSLA 2012, Oct 2012〕 As of March 2013, their pattern catalog contains 97 security patterns. More details are available in the webpage maintained the Munawar Hafiz.〔Munawar Hafiz. Security Pattern Catalog. http://www.munawarhafiz.com/securitypatterncatalog/index.php〕 From Sun Microsystems, Ramesh Nagappan and Christopher Steel worked together to release a Comprehensive Security Patterns and Security Solution Catalog with Best Practices guidance for Java applications, XML Web Services, Identity Management and Identity provisioning.〔Ramesh Nagappan, Christopher Steel - Core Security Patterns Catalog. http://coresecuritypatterns.com/patterns.htm〕 The Open Group provides a set of documented security pattern. 抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Security Patterns」の詳細全文を読む スポンサード リンク
|