




Security Pattern Catalog




The security pattern catalog contains all security patterns written by all security experts starting from the first work on security patterns in 1997.

Currently the catalog contains 97 patterns.

The following lists various books, catalogs and pattern papers, from which the security patterns are derived:

  • [Sun Book] C. Steel, R. Nagappan, and R. Lai. Core security patterns: Best practices and strategies for J2EE(TM), Web services, and identity management. Prentice Hall PTR, October 2005.
  • [Wiley Book] M. Schumacher, E. Fernandez-Buglioni, D. Hybertson, F. Buschmann, and P. Sommerlad. Security patterns: Integrating security and systems engineering. John Wiley and Sons, December 2005.
  • [Microsoft Book] J. Hogg, D. Smith, F. Chong, D. Taylor, L. Wall, and P. Slater. Web service security: Scenarios, patterns, and implementation guidance for Web Services Enhancements (WSE) 3.0. Microsoft Press, March 2006.
  • [Yoder Pattern] J. Yoder and J. Barcalow. Architectural patterns for enabling application security. In Proceedings of the 4th Conference on Patterns Language of Programming (PLoP’97). http://citeseer.ist.psu.edu/yoder98architectural.html, 1997.
  • [Romanosky Repository] S. Romanosky. Security design patterns part 1. http://citeseer.ist.psu.edu/575199.html, November, 2001.
  • [Romanosky Repository] S. Romanosky. Enterprise security patterns. http://citeseer.ist.psu.edu/romanosky02enterprise.html, 2002.
  • [Kienzle Repository] D. M. Kienzle, M. C. Elder, D. Tyree, and J. Edwards-Hewitt. Security patterns repository version 1.0. http://www.scrypt.net/~celer/securitypatterns/, 2002.
  • [Open Group] B. Blakley and C. Heath. Security design patterns technical guide - version 1. Open Group (OG), led by Bob Blakley and Craig Heath. 2004. http://www.opengroup.org/security/gsp.htm.
  • [Hafiz Repository] M. Hafiz and R. Johnson. Evolution of Mail Transfer Agent architecture: The impact of security. Software: Practice and Experience, 38(15): 1569-1599, Dec 2008.
  • [Hafiz Privacy] M. Hafiz. A Pattern Language for Developing Privacy Enhancing Technologies. To be published in Software: Practice and Experience.


The list of patterns:


Account Lockout

Anonymity Set

Assertion Builder

Asset Valuation

Audit Interceptor

Authentication Enforcer

Authorization Enforcer

Batched Routing

Brokered Authentication

Chaining

Checkpointed System

chroot Jail

Client Data Storage

Compartmentalization

Constant Length Padding

Container Managed Security

Content Dependent Processing

Controlled Object Factory

Controlled Process Creator

Controlled Virtual Address Space

Cover Traffic

Credential Tokenizer

Defense in Depth

Delayed Routing

Demilitarized Zone

Directed Session

Distributed Responsibility

DoS Safety

Dynamic Service Management

Encrypted Storage

Enterprise Security Approaches

Enterprise Security Services

Error Detection and Correction

Exception Shielding

Execution Domain

Front Door

Full Access with Errors

Hidden Implementation

Hidden Metadata

Information Obscurity

Integration Reverse Proxy

Intercepting Validator

Intercepting Web Agent

Layered Encryption

Limited Access

Link Padding

Low Hanging Fruit

Message Inspector

Message Interceptor Gateway

Message Replay Detection

Minefield



Morphed Representation

Multilevel Security

Network Address Blacklist

Obfuscated Transfer Object

Oblivious Transfer

Packet Filter Firewall

Password Synchronizer

Policy Delegate

Policy Enforcement Point

Policy

Protected System

Protection Reverse Proxy

Proxy based Firewall

Pseudonymous Identity

Random Exit

Random Wait

Reference Monitor

Replicated System

Risk Determination

Role Based Access Control

Safe Data Structure

Secure Communication

Secure Logger

Secure Message Router

Secure Resource Pooling

Secure Service Façade

Secure Service Proxy

Secure Session Object

Security Association

Security Context

Security Needs Identification for Enterprise Assets

Security Session

Server Sandbox

Single Access Point

Single Sign On Delegator

Single Sign On

Single Threaded Façade

Small Processes

Standby

Stateful Firewall

Subject Descriptor

Tandem System

Third Party Communication

Trust Partitioning

Trusted Proxy

Unique Location for each Write Request

Vulnerability Assessment

White Hats, Hack Thyself




We applied several schemes and found that a hierarchical classification scheme using threat models works the best. It forms a hierarchical tree-like structure, in which patterns can be classified by the internal nodes as well as the leaf nodes. The internal nodes of the tree describe the context of application in which a pattern can be applied. The leaf nodes are based on a threat model; we followed the STRIDE model.

[Figure: Hierarchical Classification Scheme]


The classification is shown as a table. The columns follow the STRIDE threat model. The rows describe the context of application. The rightmost column contains patterns that target multiple threats in an application context. They are to be classified by the internal nodes (Core Patterns, Perimeter Patterns, etc.). The last row describes higher level patterns that are more like security principles. They apply to multiple application contexts and target multiple threats.






Classification of Security Patterns using Hierarchical Scheme with Threat Models

Part of System \ Threat Model | Spoofing | Tampering | Repudiation | Information Disclosure | DoS | Escalation of Privilege | Multi-purpose Patterns

Core

  • Checkpointed System; chroot Jail; Content Dependent Processing; Error Detection and Correction; Safe Data Structure; Trust Partitioning; Unique Location for each Write Request
  • Audit Interceptor; Secure Logger
  • Container Managed Security; Client Data Storage; Directed Session; Dynamic Service Management; Encrypted Storage; Exception Shielding; Full Access with Errors; Limited Access; Obfuscated Transfer Object; Policy Delegate; Reference Monitor; Secure Session Object; Security Session; Subject Descriptor
  • DoS Safety; Small Processes
  • Compartmentalization; Controlled Object Factory; Controlled Process Creator; Controlled Virtual Address Space; Distributed Responsibility; Execution Domain; Secure Resource Pooling
  • Multilevel Security; Secure Service Façade; Server Sandbox

Perimeter

  • Authentication Enforcer; Account Lockout; Brokered Authentication; Credential Tokenizer
  • Intercepting Validator; Message Inspector; Message Interceptor Gateway; Secure Message Router
  • Authorization Enforcer; Role Based Access Control
  • Policy Enforcement Point; Single Access Point; Single Threaded Façade

Exterior

  • Assertion Builder; Intercepting Web Agent; Message Replay Detection; Network Address Blacklist; Password Synchronizer; Single Sign On; Single Sign On Delegator
  • Anonymity Set; Batched Routing; Chaining; Constant Length Padding; Cover Traffic; Integration Reverse Proxy; Layered Encryption; Link Padding; Morphed Representation; Oblivious Transfer; Packet Filter Firewall; Proxy based Firewall; Pseudonymous Identity; Random Exit; Random Wait; Stateful Firewall; Secure Communication; Security Association; Security Context
  • Demilitarized Zone; Front Door; Information Obscurity; Protection Reverse Proxy; Replicated System; Secure Service Proxy; Standby; Tandem System; Trusted Proxy

Higher Level Patterns

  • Asset Valuation; Defense in Depth; Enterprise Security Approaches
  • Enterprise Security Services; Hidden Implementation; Low Hanging Fruit
  • Minefield; Policy; Protected System; Risk Determination
  • Security Needs Identification for Enterprise Assets; Vulnerability Assessment; White Hats, Hack Thyself



A Security Pattern Language



The following is a pattern language for security patterns. Information about how we have grown this pattern language can be found in our paper.

The pattern language diagram is clickable. Click on a pattern in the diagram to access its description.

Patterns
Security Needs Identification for Enterprise Assets; Asset Valuation; Vulnerability Assessment; Risk Determination; Defense in Depth; Enterprise Security Approaches; Low Hanging Fruit; White Hats, Hack Thyself; Enterprise Security Services; Replicated System; Standby; Tandem System; Protected System; Policy; Demilitarized Zone; Single Access Point; Hidden Implementation; Compartmentalization; Distributed Responsibility; Small Processes; Unique Location for each Write Request; Information Obscurity; Oblivious Transfer; Pseudonymous Identity; Secure Communication; Protection Reverse Proxy; Front Door; Trusted Proxy; Brokered Authentication; Network Address Blacklist; Packet Filter Firewall; Policy Enforcement Point; Single Threaded Facade; Minefield; Trust Partitioning; Execution Domain; Server Sandbox; chroot Jail; Safe Data Structure; Controlled Virtual Address Space; Controlled Object Factory; Controlled Process Creator; Checkpointed System; Intercepting Validator; Authorization Enforcer; Authentication Enforcer; Account Lockout; Message Replay Detection; Secure Service Proxy; Security Association; Chaining; Anonymity Set; Batched Routing; Random Wait; Random Exit; Cover Traffic; Morphed Representation; Security Context; Intercepting Web Agent; Message Interceptor Gateway; Integration Reverse Proxy; Proxy based Firewall; Stateful Firewall; Link Padding; Layered Encryption; Constant Length Padding; Single Sign On; Credential Tokenizer; Assertion Builder; Single Sign On Delegator; Message Inspector; Secure Message Router; Password Synchronizer; Role Based Access Control; Content Dependent Processing; Error Detection and Correction; Secure Resource Pooling; Exception Shielding; Container Managed Security; Multilevel Security; Security Session; Directed Session; Secure Session Object; Limited Access; Full Access with Errors; Subject Descriptor; Secure Service Facade; Obfuscated Transfer Object; Encrypted Storage; Client Data Storage; Policy Delegate; Dynamic Service Management; Reference Monitor; DoS Safety; Secure Logger; Audit Interceptor


Publications

       
  • Organizing Security Patterns. Munawar Hafiz, Paul Adamczyk and Ralph Johnson. IEEE Software Special Issue on Software Patterns, Jul/Aug 2007.
  • Growing a Pattern Language (for Security). Munawar Hafiz, Paul Adamczyk and Ralph Johnson. In Proceedings of the 27th Object-Oriented Programming, Systems, Languages and Applications, OOPSLA 2012, Oct 2012.
 

This page contains the publications related to the security pattern catalog. More works of this author on security patterns are listed here.

Last modified: Mar 15, 2013

Conceived and Maintained by: Munawar Hafiz