Software design patterns are a means to specify common solutions to reoccurring design problems. Similarly, security design patterns provide a means to encapsulate common security solutions and mechanisms which are applicable at the design phase of the software development lifecycle. Security patterns have received considerable attention from the security community to introduce concepts such as authentication, access control and encryption to software design. Unfortunately, many well-known and commonly-used design patterns have been documented in the absence of security requirements. Using these patterns in the software development lifecycle can introduce new vulnerabilities into the system. Therefore, it is crucial that well-established design patterns such as GoF patterns should also evolve to accommodate new security requirements. In this paper we discuss the current state of security regarding GoF design patterns. We then propose a general methodology for securing design patterns. The proposed methodology is employed to secure the Mediator and Singleton patterns by enhancing their basic GoF counterparts in terms of fundamental security goals such as availability, integrity and confidentiality. Both patterns will undergo a vulnerability analysis phase to guide the extension process. The new versions of the Mediator and Singleton will be analyzed and validated in terms of both security capabilities and design flexibility.

Keywords