Computing Reviews
Security engineering with patterns : origins, theoretical models, and new applications
Schumacher M., Springer-Verlag New York, Inc., Secaucus, NJ, 2003. 208 pp. Type: Book (9783540407317)
Date Reviewed: Nov 12 2004

Security is an important aspect of emerging open systems, such as those in e-commerce and similar applications. Security is, however, often added after the system is already built, and, therefore, many problems may arise from the lack of a systematic consideration of security in the system analysis and design stages, and throughout the whole of system development.

Security patterns have been proposed to encourage such an approach, and to encapsulate best practices in security design, as is the case with software patterns. The main advantage of this paradigm is to address the human factor, which is a main source of errors in building security systems. “A security pattern describes a particular recurring security problem that arises in a specific security context and presents a well-proven generic scheme for a security solution.” For example, there are patterns for access control, passwords, and firewalls.

This book provides an anchor reference for security patterns. The author gained his expertise from planning and organizing the security workshop Hacker Context, and supervising a set of security-related master’s theses.

The book is divided into 10 chapters. These chapters address the need for, and history of, security patterns (chapters 1 through 6), and present the foundations of security patterns, provide a theoretical model, and discuss their main applications (chapters 7 and 8). Chapter 10 reviews the previous chapters, discussing the contribution of each, and concludes the book.

This text was initially a Ph.D. thesis, which was then published in the form of a book. I don’t recommend it for classroom use, but rather as introductory material for people wishing to understand security patterns. I also recommend supplemental material (in the form of a pattern catalog), which I consider a must to complement the book. The pattern catalog is available at http://www.opengroup.org/publications/catalog/g031.htm, and enables system architects and designers to develop security architectures that meet their particular requirements.

Reviewer: Ghita Kouadri
Review #: CR130408 (0507-0789)
Authentication (K.6.5 ... )
Information Flow Controls (D.4.6 ... )
Invasive Software (K.6.5 ... )
Security (K.4.4 ... )
Security and Protection (C.2.0 ... )
Unauthorized Access (K.6.5 ... )