Securing Web Applications Using Security Patterns
Published in Durgesh Kumar Mishra, Nilanjan Dey, Bharat Singh Deora, Amit Joshi, ICT for Competitive Strategies, 2020
Charu Gupta, R. K. Singh, A. K. Mohapatra
A security pattern addresses a particular recurring problem that arises in a specific context and presents a well-proven generic solution for securing information systems. It describes basic security knowledge in a structured and understandable way (Bunke, 2012, 2015). Seven architectural security patterns for providing security to web applications were proposed by Yoder and Barcalow (1998). Today, more than 400 security patterns are available in the literature. The availability of such a large number of security patterns makes it a challenge for software developers to select and apply the right security pattern for enhancing the security of a web application (Bunke, Koschke and Sohr, 2012). Ponde, Shirwaikar and Gore (2016) proposed a set of 210 consolidated security patterns and provided an analytical approach to select and apply security patterns for securing web applications. However, selecting the right security pattern remains a challenge for the software developer community, as there is overlap and duplication among the available security patterns.
Wireless Network Security for Health Applications
Published in Syed Ijlal Ali Shah, Mohammad Ilyas, Hussein T. Mouftah, Pervasive Communications Handbook, 2017
Most discussions of the security of wireless networks for health applications consider only the communication aspects of the networks [2,3]. However, as indicated, a health network is part of a complete health application and we need to relate the communication aspects to the medical aspects. We need to understand first what information is needed for medical purposes and how this information is used. This is discussed in Section 15.2. Once we define what information to keep, we present in Section 15.3 a pattern for patient records management. Design patterns were introduced in 1994 and have had an enormous influence in the system design. A pattern is an encapsulated solution to a recurrent problem in a given context. Security patterns encapsulate solutions to security problems [4]. Section 15.4 shows two case studies: Ambient assisted living (AAL) and a sensor-based hospital. Section 15.5 discusses security of wireless devices, threats, and defenses in a wireless network such as the ones used in medical applications. We end with some conclusions.
Securing Design Patterns for Distributed Systems
Published in Yang Xiao, Security in Distributed, Grid, Mobile, and Pervasive Computing, 2007
Eduardo B. Fernandez, Maria M. Larrondo-Petrie
Analysis stage: Analysis patterns, and in particular, semantic analysis patterns, can be used to build the conceptual model in a more reliable and efficient way [9]. Security patterns are used to describe security models or mechanisms. We can build a conceptual model where repeated applications of a security model pattern realize the rights determined from use cases. In fact, analysis patterns can be built with predefined authorizations according to the roles in their use cases. Then we only need to additionally specify the rights for those parts not covered by patterns. We can start defining what mechanisms (countermeasures) are needed to prevent attacks.
Framework for examination of software quality characteristics in conflict: A security and usability exemplar
Published in Cogent Engineering, 2020
Bilal Naqvi, Ahmed Seffah, Alain Abran
Furthermore, investigation of the interdependencies, conflicts, and trade-offs is a timely required research problem, which requires the following actions:
- Building common ground and creating a unifying vocabulary across communities. One important force that complicates the situation is that the same concept is currently defined and perceived differently in the communities of researchers and practitioners, for example, different perceptions and definitions of usability across different communities. The same issue may arise in case of security and usability conflicts where the opinion is divided between the existence and non-existence of trade-offs.
- Conducting internal and cross-corporation data collection to identify the current interdependencies, and how the trade-offs are being managed. The industry’s best practices can prove to be valuable while designing the best design practices for the trade-offs.
- Using patterns to document the identified conflicts and the best solutions for solving those conflicts using patterns, for example, usable security patterns. To our knowledge, very few patterns are available on the Internet. Gamification techniques with the complicity of crowdsourcing can assist in enabling the practitioners to join the efforts in building common ground in the form of a usable security pattern language.
- Working on augmentation of ISO standards and related quality models such as ISO 25,000 and 27,000 for evaluating the interdependencies and conflicts for example, security in use.