Security Patterns Template and Tutorial
- Darrell M. Kienzle, Ph.D., Matthew C. Elder, Ph.D., David S. Tyree, James Edwards-Hewitt
Presented by Dan Frohlich

Overview
What is a Pattern?
What is a Security Pattern?
The Security Pattern Template.
Related Work.

What is a Pattern?
Developed by Christopher Alexander for Architectural and Urban Planning
Made popular for software design by GoF.
Definition: A solution to a problem in a context.
  – Summary, solution and impact
  – Expanded to include recurrence, a teaching component, and a name by J. Vlissides (GoF)

Variations
Architectural patterns.
  – Enterprise Level (System Patterns)
AntiPatterns.
  – Document common mistakes
Pattern Languages.
  – Families of solutions good for OO
Frameworks.

What is a Security Pattern?
Technique for encapsulating and disseminating security expertise.
Some but not all are design Patterns
Structural Security Patterns
  – Like GoF Design Patterns
Procedural Security Patterns
  – Improve the development process of secure software

Audience drives Level of Detail
Concepts
  – General Strategies like “Least Privilege”
Classes of Patterns
  – General problem area with many solutions
Patterns
  – General enough to be used in many circumstances
Examples
  – A worked solution for a specific problem instance

The Security Pattern Template.
Pattern Name
  – Noun describing a thing to be built. (Structural)
  – Verb describing recommended action. (Procedural)
Abstract
  – Describes intent/purpose
  – Independent of context
  – Indicates limits on applicability.

The Security Pattern Template.
Aliases
  – Also Known As
Problem
  – Context for application
  – Motivation for use
Solution
  – Applicability / Rationale
  – How the Pattern solves the Problem

The Security Pattern Template.
Static Structure
  – Includes a Diagram if applicable or a note if not
  – Enumerates the components of the Diagram
Dynamic Structure
  – Collaborations
  – Outlines Component interactions

The Security Pattern Template.
Implementation Issues
  – Detailed hints and techniques
  – Identify pitfalls, and guide reader around them
Common attacks
  – Identify attacks that interact with this pattern
  – Links to public databases

The Security Pattern Template.
Known Uses
  – Cite examples of this pattern from all 3 levels when possible.
  – Code Level
      Rely on language features.
  – System Level
      Rely on OS features
  – Network Level
      Implemented with network level components.

The Security Pattern Template.
Sample Code
  – Presented whenever possible.
  – Adds tangibility to an abstract idea.
Consequences
  – Each area should be discussed.
  – Accountability, Confidentiality, Integrity, Availability, Performance, Cost, Manageability, Usability

The Security Pattern Template.
Related Patterns
  – Reference related patterns and the nature of the relationship
References
  – Enumerate citations related to the pattern

Related Work
Security Properties of Design Patterns
  – Security ramifications of GoF
NRL Patterns work
  – Formal verification of security-critical software
www.security-patterns.de
  – Collaborative site for security pattern developers

Related Work (cont.)
OpenGroup Security Forum
  – Developing a library of architectural security patterns.

Questions