Security Engineering with Patterns - PowerPoint PPT Presentation

1
Security Engineering with Patterns
  • Markus Schumacher and Utz Roedig

Presented by Joe Combs 15 March 2006
2
Agenda
  • What do patterns seek to accomplish?
  • Other approaches
  • How do the authors define a pattern?
  • Security engineering using patterns
  • Related work

3
What Problem are We Trying to Solve?
  • Allow novices to act as security experts
  • Give security experts a mechanism to identify,
    name and discuss both problems and solutions more
    effectively
  • Solve problems in a structured way
  • Identify and consider dependencies between
    components

4
Other approaches
  • Security policy
  • Evaluation criteria
  • Tree representations
  • Formal methods
  • Semi-formal approaches

5
Schumacher & Roedig Pattern Template
  • Name
  • Context and related patterns
  • Problem
  • Solution
  • Other optional sections include aliases,
    structure and interactions of participants,
    consequences, examples and counter-examples

6
Pattern System Examples
  • Virtual Private Networks - Transport data over an
    untrustworthy network
  • Network Encryption Protocol - establish
    security/confidentiality between endpoints
  • Network Authentication Protocol - establish
    identity and handshake between participants
  • Cryptographic Protocol - need to decide which
    mechanism

7
Pattern System Examples
8
Security Engineering w/Patterns
  • Does this template meet the criteria for the
    problem we're trying to solve?
      • security by non-experts
      • structured problem solution
      • scope time dependencies
  • Tool support needed
      • maintenance
      • classification
      • modeling
      • reasoning

9
An Engineering Example
10
An Engineering Example
11
Conclusions
  • Need a way to support both formal and informal
    approaches to achieve security
  • Average programmers need a mechanism to design
    secure systems
  • Several patterns offered as examples - need a
    classification scheme to develop a pattern system
  • Need to establish a larger pattern community with
    repositories of patterns, tool support and so on
    for this to be effective