Security Pattern Mining: Systematic Review and Proposal
Organizations have suffered an increase in cyber attacks in recent years. For this reason, they need to guarantee confidentiality, integrity and availability of their information assets. To do this, they should seek support from security architectures. Security patterns are a good way to design security architectures, but most current security patterns are not applicable to this field. In a previous work, we defined a new pattern template to support the design of security architectures. After that work, we realized that it was necessary to discover and identify new security patterns adapted to this template, in order to facilitate the work of those security engineers who design architectures. A good way to discover and identify new patterns is pattern mining; therefore, in this paper we have carried out a Systematic Review (SR) of security pattern mining. After performing the SR, we have reached the conclusion that the proposals analyzed do not fulfill all main requirements to cover our needs. Thats the reason why we have defined a high-level architecture of a new framework to discover, design and document security patterns focused on the design of security architectures.
Santiago Moral-García Santiago Moral-Rubio Eduardo Fernández-Medina
Kybele Group, Dep. of Computer Languages and Systems II, University Rey Juan Carlos Tulipán s/n, 289 Dep. Logical Security, BBVA, Batanes 3, 28760, Tres Cantos, Madrid, Spain GSyA Research Group, Dep. of Information Technologies and Systems University of Castilla-la Mancha,
国际会议
13th International Conference on Enterprise Information System(第13届企业信息系统国际会议 ICEIS 2011)
北京
英文
1416-1427
2011-06-08(万方平台首次上网日期,不代表论文的发表时间)