Security Engineering with Patterns

Markus Schumacher and Utz Roedig

Presented by Joe Combs 15 March 2006

Agenda• What do patterns seek to accomplish?

• Other approaches

• How do the authors define a pattern?

• Security engineering using patterns

• Related work

What Problem are We Trying to Solve?

• Allow novices to act as security experts

• Give security experts a mechanism to identify, name and discuss both problems and solutions more effectively

• Solve problems in a structured way

• Identify and consider dependencies between components

Other approaches• Security policy

• Evaluation criteria

• Tree representations

• Formal methods

• Semi-formal approaches

Schumacher & Roedig Pattern Template

• Name

• Context and related patterns

• Problem

• Solution

• Other optional sections include aliases, structure and interactions of participants, consequences, examples and counter-examples

Pattern System Examples• Virtual Private Networks - Transport data over an

untrustworthy network

• Network Encryption Protocol - establish security/confidentiality between endpoints

• Network Authentication Protocol - establish identity and handshake between participants

• Cryptographic Protocol - need to decide which mechanism

Pattern System Examples

Security Engineering w/Patterns• Does this template does meet the criteria for

the problem we’re trying to solve?• security by non-experts• structured problem solution• scope & time dependencies

• Tool support needed:• maintenance• classification• modeling• reasoning

An Engineering Example

An Engineering Example

Conclusions• Need a way to support both formal & informal approaches to

achieve security

• Average programmers need a mechanism to design secure systems

• Several patterns offered as examples - need a classification scheme to develop a pattern system

• Need to establish a larger pattern community with repositories of patterns, tool support and so on for this to be effective