We have over 12,000 students, from over 100 countries, within one of the safest campuses in the UK


97% of Lancaster students go into work or further study within six months of graduating

Home > Research > Publications & Outputs > Security engineering with patterns
View graph of relations


« Back

Security engineering with patterns

Research output: Contribution in Book/Report/ProceedingsConference contribution


Publication date1/09/2001
Host publicationProceedings of the 8th Conference on Pattern Languages of Programs (PLoP 2001)
<mark>Original language</mark>English


Conducting digital business requires secure network and application architectures. The recently increasing occurrence of severe attacks has shown, however, that we will still need quite some time and effort to reach security standards of IT systems alike the standard already usual in other fields. At present, there is a huge gap between theory and the code of practice. Whereas scientists work on formal approaches for the specification and verification of security requirements, practitioners have to meet the users requirements. The Pattern Community recognized this problem, too. Patterns literally capture the experience from experts in a structured way. Thus novices can benefit from know-how and skills of experts. Hence, we propose to apply the pattern approach to the security problem. We show that recent security approaches are not sufficient and describe how Security Patterns contribute to the overall process of security engineering. A Security Pattern System provides linkage between Security Patterns. Thus dependencies between specific security problems can be considered in a comprehensive way.