Security Patterns

Design patterns can be applied to achieve goals in the area of security. Every classical design pattern has different instantiations that fulfill some of the information security goals, such as confidentiality, integrity or availability. Additionally, one can add new design patterns specifically to achieve some security goals.

Existing security patterns

The pattern community provides a collection of many security patterns that were discussed in workshops at Pattern Languages of Programs (PLoP) conferences. They have been unified and published in a joint project. Heyman and Yskout have also collected and analyzed a large number of security patterns.

The Open Group provides a set of documented security patterns.

Available system patterns

These are patterns that are concerned with the availability of the assets. The assets are either services or resources offered to users.
  • Checkpointed System pattern describes a design that uses replication (computer science) to recover when a component fails.
  • Standby pattern has the goal to provide a fallback component able to resume the service of the failing component.
  • Comparator-checked fault tolerant system pattern provides a way to monitor the failure-free behavior of a component.
  • Replicated system pattern describes a design of redundant components and a means of load balancing and redirection between them to decrease the chance of non-availability of the service.
  • Error detection/correction pattern has the goal to detect errors and possibly correct them to guarantee correct information exchange or storage.

Protected system patterns

This is a set of patterns concerned with the confidentiality and integrity of information by providing means to manage access and usage of the sensitive data.

The protected system pattern provides some reference monitor or enclave that owns the resources and through which every access must therefore pass. The monitor enforces a policy as the single point of control. The GoF refers to it as "Protection Proxy".

The policy pattern is an architecture to decouple the policy from the normal resource code. An authenticated user owns a security context (e.g. a role) that is passed to the guard of the resource. The guard checks inside the policy whether the context of this user and the rules match and grants or denies access to the resource.

The authenticator pattern is also known as Pluggable Authentication Modules (PAM) or the Java Authentication and Authorization Service (JAAS).
  • Subject descriptor pattern
  • Secure Communication is similar to Single sign-on, RBAC
  • Security Context is a combination of the communication protection proxy, security context and subject descriptor pattern.
  • Security Association is an extension of the secure communication pattern.
  • Secure Proxy pattern can be used for defense in depth.

Security patterns for Java EE and XML Web Services

This is a set of security patterns evolved by a team of engineers from Sun Microsystems that contributes to building end-to-end security into Java EE enterprise applications, XML Web services, identity management systems, and service provisioning solutions.
  • Authentication Enforcer pattern can be used to manage and delegate authentication processes
  • Authorization Enforcer pattern can be used to manage and delegate authorization processes
  • Intercepting Validator pattern helps perform security validation of input data from clients
  • Secure Base Action pattern shows centralizing handling of security tasks in a base action class
  • Secure Logger pattern can be used to log sensitive data and ensure tamper-proof storage
  • Secure Session Manager shows securely centralizing session information handling
  • Web Agent Interceptor pattern shows how to use an interceptor mechanism to provide security for Web applications
  • Obfuscated Transfer Object pattern shows how to protect data passed around in transfer objects and between application tiers
  • Audit Interceptor pattern shows how to capture security-related events to support logging and auditing
  • Message Inspector pattern shows verification and validation of XML message-level security mechanisms, such as XML Signature and XML Encryption in conjunction with a security token.
  • Message Interceptor Gateway pattern shows a single entry point solution for centralization of security enforcement for incoming and outgoing XML Web Service messages. It helps to apply transport-level and message-level security mechanisms required for securely communicating with a Web services endpoint.
  • Secure Message Router pattern facilitates secure XML communication with multiple partner endpoints that adopt message-level security. It acts as a security intermediary component that applies message-level security mechanisms to deliver messages to multiple recipients where the intended recipient would be able to access only the required portion of the message and remaining message fragments are made confidential.
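Three of the patterns in the list above (Intercepting Validator, Audit Interceptor and Secure Logger) combined into one request pipeline, as an added example that is not the Sun/Java EE catalog's own code: validators run before the handler, an interceptor records the outcome of every call, and the log is hash-chained so that later modification of any entry is detectable. The request fields, limits and "transfer" action are assumptions for the illustration.

```python
"""Intercepting Validator + Audit Interceptor + Secure Logger (added example).

Not code from the original page or from the Java EE pattern catalog; the
request shape, field rules and handler are constructed for illustration.
"""
import hashlib
import json
import re


class ValidationError(ValueError):
    pass


# --- Intercepting Validator: each validator checks one field before the handler runs.
USERNAME_RE = re.compile(r"^[a-z][a-z0-9_]{2,31}$")  # assumed username policy


def validate_username(req: dict) -> None:
    if not USERNAME_RE.match(str(req.get("username", ""))):
        raise ValidationError("username: 3-32 chars of [a-z0-9_], starting with a letter")


def validate_amount(req: dict) -> None:
    amount = req.get("amount")
    # bool is a subclass of int, so exclude it explicitly; reject strings rather than coercing.
    if isinstance(amount, bool) or not isinstance(amount, int) or not 0 < amount <= 10_000:
        raise ValidationError("amount: integer in 1..10000 required")


class InterceptingValidator:
    """Runs every registered validator; the first failure aborts the request."""

    def __init__(self, *validators):
        self.validators = validators

    def validate(self, req: dict) -> None:
        for check in self.validators:
            check(req)


# --- Secure Logger: append-only entries, each hashed together with the previous hash.
class SecureLogger:
    GENESIS = "0" * 64

    def __init__(self):
        self.entries = []          # list of (json_payload, chain_hash)
        self.last_hash = self.GENESIS

    def append(self, event: dict) -> str:
        payload = json.dumps(event, sort_keys=True)
        chain_hash = hashlib.sha256((self.last_hash + payload).encode()).hexdigest()
        self.entries.append((payload, chain_hash))
        self.last_hash = chain_hash
        return chain_hash

    def verify(self) -> bool:
        """Recompute the chain; any edited, removed or reordered entry breaks it."""
        prev = self.GENESIS
        for payload, chain_hash in self.entries:
            if hashlib.sha256((prev + payload).encode()).hexdigest() != chain_hash:
                return False
            prev = chain_hash
        return True


# --- Audit Interceptor: wraps validation + handler and records every outcome.
class AuditInterceptor:
    def __init__(self, validator: InterceptingValidator, handler, logger: SecureLogger):
        self.validator = validator
        self.handler = handler
        self.logger = logger

    def handle(self, caller: str, req: dict) -> dict:
        try:
            self.validator.validate(req)
            result = self.handler(req)
            # Log who did what and the outcome, not the raw request body.
            self.logger.append({"user": caller, "action": "transfer", "outcome": "ok"})
            return {"status": "ok", "result": result}
        except ValidationError as exc:
            self.logger.append({"user": caller, "action": "transfer",
                                "outcome": "rejected", "reason": str(exc)})
            return {"status": "rejected", "reason": str(exc)}


def transfer_handler(req: dict) -> str:
    """Hypothetical business action; only ever sees validated input."""
    return f"transferred {req['amount']} for {req['username']}"


def build_endpoint():
    """Assemble the pipeline: validators -> handler, audited into a secure log."""
    logger = SecureLogger()
    validator = InterceptingValidator(validate_username, validate_amount)
    return AuditInterceptor(validator, transfer_handler, logger), logger


if __name__ == "__main__":
    endpoint, log = build_endpoint()
    print(endpoint.handle("alice", {"username": "alice", "amount": 250}))
    print(endpoint.handle("bob", {"username": "bob", "amount": "500"}))
    print("log intact:", log.verify())
```

The interceptor logs the caller, action and outcome but deliberately not the request body, which is how the Secure Logger guidance about sensitive data is honoured; the hash chain gives tamper evidence, not tamper prevention, so in a deployment the chain head would also be written somewhere the application cannot overwrite.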

The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.