From vulnerability anti-patterns to secure design patterns

Alok Chandrakant Ratnaparkhi; Onyeka Ezenwoye; Yi Liu

doi:10.18293/SEKE2021-179

From vulnerability anti-patterns to secure design patterns

Alok Chandrakant Ratnaparkhi, Onyeka Ezenwoye, Yi Liu

Computer & Cyber Sciences

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

A secure design pattern is a well-proven reusable solution to a recurring security problem that arise in specific contexts. Using secure design patterns properly can help tackle software vulnerabilities during software development. However, the lack of selection guidance of secure patterns makes it more difficult for developers to use secure design patterns than conventional design patterns. To address this issue, this paper presents a methodology of selecting the appropriate secure design patterns for software vulnerabilities formalized in anti-patterns. This methodology bridges the gap between the vulnerabilities and secure design patterns to produce a useful tool for secure software development.

Original language	English (US)
Title of host publication	Proceedings - SEKE 2021
Subtitle of host publication	33rd International Conference on Software Engineering and Knowledge Engineering
Publisher	Knowledge Systems Institute Graduate School
Pages	98-101
Number of pages	4
ISBN (Electronic)	1891706527
DOIs	https://doi.org/10.18293/SEKE2021-179
State	Published - 2021
Event	33rd International Conference on Software Engineering and Knowledge Engineering, SEKE 2021 - Pittsburgh, United States Duration: Jul 1 2021 → Jul 10 2021

Publication series

Name	Proceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE
Volume	2021-July
ISSN (Print)	2325-9000
ISSN (Electronic)	2325-9086

Conference

Conference	33rd International Conference on Software Engineering and Knowledge Engineering, SEKE 2021
Country/Territory	United States
City	Pittsburgh
Period	7/1/21 → 7/10/21

Keywords

Anti-patterns
Secure design patterns
Software vulnerabilities

ASJC Scopus subject areas

Software

Access to Document

10.18293/SEKE2021-179

Cite this

Ratnaparkhi, A. C., Ezenwoye, O., & Liu, Y. (2021). From vulnerability anti-patterns to secure design patterns. In Proceedings - SEKE 2021: 33rd International Conference on Software Engineering and Knowledge Engineering (pp. 98-101). (Proceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE; Vol. 2021-July). Knowledge Systems Institute Graduate School. https://doi.org/10.18293/SEKE2021-179

From vulnerability anti-patterns to secure design patterns. / Ratnaparkhi, Alok Chandrakant; Ezenwoye, Onyeka; Liu, Yi.
Proceedings - SEKE 2021: 33rd International Conference on Software Engineering and Knowledge Engineering. Knowledge Systems Institute Graduate School, 2021. p. 98-101 (Proceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE; Vol. 2021-July).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Ratnaparkhi, AC, Ezenwoye, O & Liu, Y 2021, From vulnerability anti-patterns to secure design patterns. in Proceedings - SEKE 2021: 33rd International Conference on Software Engineering and Knowledge Engineering. Proceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE, vol. 2021-July, Knowledge Systems Institute Graduate School, pp. 98-101, 33rd International Conference on Software Engineering and Knowledge Engineering, SEKE 2021, Pittsburgh, United States, 7/1/21. https://doi.org/10.18293/SEKE2021-179

Ratnaparkhi AC, Ezenwoye O, Liu Y. From vulnerability anti-patterns to secure design patterns. In Proceedings - SEKE 2021: 33rd International Conference on Software Engineering and Knowledge Engineering. Knowledge Systems Institute Graduate School. 2021. p. 98-101. (Proceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE). doi: 10.18293/SEKE2021-179

Ratnaparkhi, Alok Chandrakant ; Ezenwoye, Onyeka ; Liu, Yi. / From vulnerability anti-patterns to secure design patterns. Proceedings - SEKE 2021: 33rd International Conference on Software Engineering and Knowledge Engineering. Knowledge Systems Institute Graduate School, 2021. pp. 98-101 (Proceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE).

@inproceedings{2230b8e580a64d49815baf5ca8a82bdd,

title = "From vulnerability anti-patterns to secure design patterns",

abstract = "A secure design pattern is a well-proven reusable solution to a recurring security problem that arise in specific contexts. Using secure design patterns properly can help tackle software vulnerabilities during software development. However, the lack of selection guidance of secure patterns makes it more difficult for developers to use secure design patterns than conventional design patterns. To address this issue, this paper presents a methodology of selecting the appropriate secure design patterns for software vulnerabilities formalized in anti-patterns. This methodology bridges the gap between the vulnerabilities and secure design patterns to produce a useful tool for secure software development.",

keywords = "Anti-patterns, Secure design patterns, Software vulnerabilities",

author = "Ratnaparkhi, {Alok Chandrakant} and Onyeka Ezenwoye and Yi Liu",

note = "Publisher Copyright: {\textcopyright} 2021 Knowledge Systems Institute Graduate School. All rights reserved.; 33rd International Conference on Software Engineering and Knowledge Engineering, SEKE 2021 ; Conference date: 01-07-2021 Through 10-07-2021",

year = "2021",

doi = "10.18293/SEKE2021-179",

language = "English (US)",

series = "Proceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE",

publisher = "Knowledge Systems Institute Graduate School",

pages = "98--101",

booktitle = "Proceedings - SEKE 2021",

}

TY - GEN

T1 - From vulnerability anti-patterns to secure design patterns

AU - Ratnaparkhi, Alok Chandrakant

AU - Ezenwoye, Onyeka

AU - Liu, Yi

PY - 2021

Y1 - 2021

N2 - A secure design pattern is a well-proven reusable solution to a recurring security problem that arise in specific contexts. Using secure design patterns properly can help tackle software vulnerabilities during software development. However, the lack of selection guidance of secure patterns makes it more difficult for developers to use secure design patterns than conventional design patterns. To address this issue, this paper presents a methodology of selecting the appropriate secure design patterns for software vulnerabilities formalized in anti-patterns. This methodology bridges the gap between the vulnerabilities and secure design patterns to produce a useful tool for secure software development.

AB - A secure design pattern is a well-proven reusable solution to a recurring security problem that arise in specific contexts. Using secure design patterns properly can help tackle software vulnerabilities during software development. However, the lack of selection guidance of secure patterns makes it more difficult for developers to use secure design patterns than conventional design patterns. To address this issue, this paper presents a methodology of selecting the appropriate secure design patterns for software vulnerabilities formalized in anti-patterns. This methodology bridges the gap between the vulnerabilities and secure design patterns to produce a useful tool for secure software development.

KW - Anti-patterns

KW - Secure design patterns

KW - Software vulnerabilities

UR - http://www.scopus.com/inward/record.url?scp=85114279228&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85114279228&partnerID=8YFLogxK

U2 - 10.18293/SEKE2021-179

DO - 10.18293/SEKE2021-179

M3 - Conference contribution

AN - SCOPUS:85114279228

T3 - Proceedings of the International Conference on Software Engineering and Knowledge Engineering, SEKE

SP - 98

EP - 101

BT - Proceedings - SEKE 2021

PB - Knowledge Systems Institute Graduate School

T2 - 33rd International Conference on Software Engineering and Knowledge Engineering, SEKE 2021

Y2 - 1 July 2021 through 10 July 2021

ER -

From vulnerability anti-patterns to secure design patterns

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this