23rd Conference on Pattern Languages of Programs (PLoP'16) , 2016-10-24

Title : ( Securing Gang of Four Design Patterns )

Authors: Abbas Javan Jafari , Abbas Rasoolzadegan ,

Access to full-text not allowed by authors

Citation: BibTeX | EndNote

Abstract

Software design patterns are a means to specify common solutions to reoccurring design problems. Similarly, security design patterns provide a means to encapsulate common security solutions and mechanisms which are applicable at the design phase of the software development lifecycle. Security patterns have received considerable attention from the security community to introduce concepts such as authentication, access control and encryption to software design. Unfortunately, many well-known and commonly-used design patterns have been documented in the absence of security requirements. Using these patterns in the software development lifecycle can introduce new vulnerabilities into the system. Therefore, it is crucial that well-established design patterns such as GoF patterns should also evolve to accommodate new security requirements. In this paper we discuss the current state of security regarding GoF design patterns. We then propose a general methodology for securing design patterns. The proposed methodology is employed to secure the Mediator and Singleton patterns by enhancing their basic GoF counterparts in terms of fundamental security goals such as availability, integrity and confidentiality. Both patterns will undergo a vulnerability analysis phase to guide the extension process. The new versions of the Mediator and Singleton will be analyzed and validated in terms of both security capabilities and design flexibility.

Keywords

, Security Patterns, Gang of Four Design Patterns, Secure Mediator, Secure Singleton
برای دانلود از شناسه و رمز عبور پرتال پویا استفاده کنید.

@inproceedings{paperid:1057980,
author = {Javan Jafari, Abbas and Rasoolzadegan, Abbas},
title = {Securing Gang of Four Design Patterns},
booktitle = {23rd Conference on Pattern Languages of Programs (PLoP'16)},
year = {2016},
location = {Illinois, USA},
keywords = {Security Patterns; Gang of Four Design Patterns; Secure Mediator; Secure Singleton},
}

[Download]

%0 Conference Proceedings
%T Securing Gang of Four Design Patterns
%A Javan Jafari, Abbas
%A Rasoolzadegan, Abbas
%J 23rd Conference on Pattern Languages of Programs (PLoP'16)
%D 2016

[Download]