The Place and Role of Security Patterns in Software Development Process

Oleksiy Mazhelis; Anton Naumenko

doi:10.5220/0002478700910100

The Place and Role of Security Patterns in Software Development Process

Oleksiy Mazhelis, Anton Naumenko

2006

Abstract

Security is one of the key quality attributes for many contemporary software products. Designing, developing, and maintaining such software necessitates the use of a secure-software development process which specifies how achieving this quality goal can be supported throughout the development life-cycle. In addition to satisfying the explicitly-stated functional security requirements, such process is aimed at minimising the number of vulnerabilities in the design and the implementation of the software. The secure software development is a challenging task spanning various stages of the development process. This inherent difficulty may be to some extent alleviated by the use of the so-called security patterns, which encapsulate knowledge about successful solutions to recurring security problems. The paper provides an overview of the state of the art in the secure software development processes and describes the role and place of security patterns in these processes. The current usage of patterns in the secure software development is analysed, taking into account both the role of patterns in the development processes, and the limitations of the security patterns available.

Download

Paper Citation

in Harvard Style

Mazhelis O. and Naumenko A. (2006). The Place and Role of Security Patterns in Software Development Process . In Proceedings of the 4th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2006) ISBN 978-972-8865-52-8, pages 91-100. DOI: 10.5220/0002478700910100

in Bibtex Style

@conference{wosis06,
author={Oleksiy Mazhelis and Anton Naumenko},
title={The Place and Role of Security Patterns in Software Development Process},
booktitle={Proceedings of the 4th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2006)},
year={2006},
pages={91-100},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002478700910100},
isbn={978-972-8865-52-8},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 4th International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2006)
TI - The Place and Role of Security Patterns in Software Development Process
SN - 978-972-8865-52-8
AU - Mazhelis O.
AU - Naumenko A.
PY - 2006
SP - 91
EP - 100
DO - 10.5220/0002478700910100