Security Patterns Template and Tutorial

- Darrell M. Kienzle, Ph.D., Matthew C. Elder, Ph.D., David S. Tyree, James Edwards-Hewitt
- Presented by Dan Frohlich

Overview

- What is a Pattern?
- What is a Security Pattern?
- The Security Pattern Template.
- Related Work.

What is a Pattern?

- Developed by Christopher Alexander for Architectural and Urban Planning
- Made popular for software design by GoF.
- Definition: A solution to a problem in a context.
  - Summary, solution and impact
  - Expanded to include recurrence, a teaching component, and a name by J. Vlissides (GoF)

Variations

- Architectural patterns.
  - Enterprise Level (System Patterns)
- AntiPatterns.
  - Document common mistakes
- Pattern Languages.
  - Families of solutions good for OO Frameworks.

What is a Security Pattern?

- Technique for encapsulating and disseminating security expertise.
- Some but not all are design Patterns
- Structural Security Patterns
  - Like GoF Design Patterns
- Procedural Security Patterns
  - Improve the development process of secure software

Audience drives Level of Detail

- Concepts
  - General Strategies like “Least Privilege”
- Classes of Patterns
  - General problem area with many solutions
- Patterns
  - General enough to be used in many circumstances
- Examples
  - A worked solution for a specific problem instance

The Security Pattern Template.

- Pattern Name
  - Noun describing a thing to be built. (Structural)
  - Verb describing recommended action. (Procedural)
- Abstract
  - Describes intent/purpose
  - Independent of context
  - Indicates limits on applicability.

The Security Pattern Template.

- Aliases
  - Also Known As
- Problem
  - Context for application
  - Motivation for use
- Solution
  - Applicability / Rationale
  - How the Pattern solves the Problem

The Security Pattern Template.

- Static Structure
  - Includes a Diagram if applicable or a note if not
  - Enumerates the components of the Diagram
- Dynamic Structure
  - Collaborations
  - Outlines Component interactions

The Security Pattern Template.

- Implementation Issues
  - Detailed hints and techniques
  - Identify pitfalls, and guide reader around them
- Common attacks
  - Identify attacks that interact with this pattern
  - Links to public databases

The Security Pattern Template.

- Known Uses
  - Cite examples of this pattern from all 3 levels when possible.
  - Code Level
    - Rely on language features.
  - System Level
    - Rely on OS features
  - Network Level
    - Implemented with network level components.

The Security Pattern Template.

- Sample Code
  - Presented whenever possible.
  - Adds tangibility to an abstract idea.
- Consequences
  - Each area should be discussed.
  - Accountability, Confidentiality, Integrity, Availability, Performance, Cost, Manageability, Usability

The Security Pattern Template.

- Related Patterns
  - Reference related patterns and the nature of the relationship
- References
  - Enumerate citations related to the pattern

Related Work

- Security Properties of Design Patterns
  - Security ramifications of GoF
- NRL Patterns work
  - Formal verification of security-critical software
- www.security-patterns.de
  - Collaborative site for security pattern developers

Related Work (cont.)

- OpenGroup Security Forum
  - Developing a library of architectural security patterns.

Questions