TY - GEN
T1 - From vulnerability anti-patterns to secure design patterns
AU - Ratnaparkhi, Alok Chandrakant
AU - Ezenwoye, Onyeka
AU - Liu, Yi
N1 - Publisher Copyright:
© 2021 Knowledge Systems Institute Graduate School. All rights reserved.
PY - 2021
Y1 - 2021
N2 - A secure design pattern is a well-proven reusable solution to a recurring security problem that arises in specific contexts. Using secure design patterns properly can help tackle software vulnerabilities during software development. However, the lack of selection guidance for secure patterns makes it more difficult for developers to use secure design patterns than conventional design patterns. To address this issue, this paper presents a methodology for selecting the appropriate secure design patterns for software vulnerabilities formalized in anti-patterns. This methodology bridges the gap between the vulnerabilities and secure design patterns to produce a useful tool for secure software development.
AB - A secure design pattern is a well-proven reusable solution to a recurring security problem that arises in specific contexts. Using secure design patterns properly can help tackle software vulnerabilities during software development. However, the lack of selection guidance for secure patterns makes it more difficult for developers to use secure design patterns than conventional design patterns. To address this issue, this paper presents a methodology for selecting the appropriate secure design patterns for software vulnerabilities formalized in anti-patterns. This methodology bridges the gap between the vulnerabilities and secure design patterns to produce a useful tool for secure software development.
KW - Anti-patterns
KW - Secure design patterns
KW - Software vulnerabilities
UR - http://www.scopus.com/inward/record.url?scp=85114279228&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85114279228&partnerID=8YFLogxK
U2 - 10.18293/SEKE2021-179
DO - 10.18293/SEKE2021-179
M3 - Conference contribution
AN - SCOPUS:85114279228
T3 - Proceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE
SP - 98
EP - 101
BT - Proceedings - SEKE 2021
PB - Knowledge Systems Institute Graduate School
T2 - 33rd International Conference on Software Engineering and Knowledge Engineering, SEKE 2021
Y2 - 1 July 2021 through 10 July 2021
ER -