Next Article in Journal
FSCR: A Deep Social Recommendation Model for Misleading Information
Next Article in Special Issue
Malware Detection Based on Code Visualization and Two-Level Classification
Previous Article in Journal
Examining the Effects of Media-Generated Stereotypes on Receivers’ Trust and Attitude in Pakistan. Moderating Influence of Ethnicity and Gender
Previous Article in Special Issue
The Spatial Analysis of the Malicious Uniform Resource Locators (URLs): 2016 Dataset Case Study
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Information
Volume 12
Issue 1
10.3390/info12010036
information-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles thumb_up
...
Endorse textsms
...
Comment
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

Systematic Literature Review of Security Pattern Research

by
Hironori Washizaki
1,*,
Tian Xia
1,
Natsumi Kamata
1,
Yoshiaki Fukazawa
1,
Hideyuki Kanuka
2,
Takehisa Kato
2,
Masayuki Yoshino
2,
Takao Okubo
3,
Shinpei Ogata
4,
Haruhiko Kaiya
5,
Atsuo Hazeyama
6,
Takafumi Tanaka
7,
Nobukazu Yoshioka
8 and
G. Priyalakshmi
9
1
Department of Computer Science and Engineering, Waseda University, Shinjuku-ku, Tokyo 169-8555, Japan
2
Hitachi, Ltd., Chiyoda-ku, Tokyo 100-8280, Japan
3
Institute of Information Security, Yokohama, Kanagawa 221-0835, Japan
4
Institute of Engineering, Academic Assembly, Shinshu University, Nagano City, Nagano 380-8553, Japan
5
Department of Information Sciences, Kanagawa University, Hiratsuka 259-1293, Japan
6
Department of Information Science, Tokyo Gakugei University, Koganei-shi, Tokyo 184-8501, Japan
7
Department of Software Science, Tamagawa University, Tokyo 194-8610, Japan
8
National Institute of Informatics, Chiyoda-ku, Tokyo 101-8430, Japan
9
PSG College of Technology, Tamil Nadu 641004, India
*
Author to whom correspondence should be addressed.
Information 2021, 12(1), 36; https://0-doi-org.brum.beds.ac.uk/10.3390/info12010036
Submission received: 14 November 2020 / Revised: 7 January 2021 / Accepted: 10 January 2021 / Published: 16 January 2021
(This article belongs to the Special Issue Cyberspace Security, Privacy & Forensics)
Browse Figures
Versions Notes

Abstract

:
Security patterns encompass security-related issues in secure software system development and operations that often appear in certain contexts. Since the late 1990s, about 500 security patterns have been proposed. Although the technical components are well investigated, the direction, overall picture, and barriers to implementation are not. Here, a systematic literature review of 240 papers is used to devise a taxonomy for security pattern research. Our taxonomy and the survey results should improve communications among practitioners and researchers, standardize the terminology, and increase the effectiveness of security patterns.

1. Introduction

A pattern is a solution to a problem that arises within a specific context [1]. Security patterns are patterns specific to security problems and solutions. Security patterns describe security-related problems and corresponding solutions as best practices that recur under specific contexts in secure developments and operations [2]. There are concrete security patterns and abstract ones that capture successful secure analysis, designs, and implementations. Security patterns provide guidelines to improve security characteristics such as confidentiality, integrity, and availability since security patterns incorporate the knowledge of security experts [3]. To reveal the overall picture and directions of security pattern research, we employ a systematic literature review of 240 papers [4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125,126,127,128,129,130,131,132,133,134,135,136,137,138,139,140,141,142,143,144,145,146,147,148,149,150,151,152,153,154,155,156,157,158,159,160,161,162,163,164,165,166,167,168,169,170,171,172,173,174,175,176,177,178,179,180,181,182,183,184,185,186,187,188,189,190,191,192,193,194,195,196,197,198,199,200,201,202,203,204,205,206,207,208,209,210,211,212,213,214,215,216,217,218,219,220,221,222,223,224,225,226,227,228,229,230,231,232,233,234,235,236,237,238,239,240,241,242,243] and devise a taxonomy in this paper.
The number of security patterns has recently grown; however, they are still challenging to apply appropriately. Although there are ongoing studies and practices about various topics such as the discovery, documentation, formalization application of security patterns [2], the current trends and prospects of security patterns research are uncertain due to the diversity in the research results themselves. Most studies have focused on technical aspects and implementation, but few have examined the overall picture and significant technical challenges. To elucidate the current trends and prospects, it is necessary to have a scheme to categorize and analyze research papers on security patterns.
Several surveys such as [244] have been conducted on specific security patterns and related patterns to classify and analyze them. Moreover, there are some existing works such as [3,245] on studying different research techniques and approaches for security patterns. However, the survey and analysis are limited to specific security patterns or a small number of research papers. None of these related works is a rigorous survey targeting many research papers on security patterns in general.
It is clear that only considering limited security characteristics triad (i.e., CIA standing for confidentiality, integrity, and availability) is not enough to accomplish the complexity of secure software systems properly. Thus, it is crucial to have a resource for characterizing available security pattern research concerning various characteristics, not only CIA but also others such as suitable development methodologies and phases, to support practitioners select existing security pattern methods and tools, and to help systems and software security community communicate and conduct further research in security pattern methods and tools.
This paper proposes a taxonomy for characterizing and classifying security pattern research through a systematic literature review (SLR) [246]. Based on the taxonomy, we categorize and analyze 240 papers to clarify state-of-the-art and future directions of security pattern research in terms of 13 facets including topics and security characteristics. Our taxonomy and the survey results should improve communications among practitioners and researchers, standardize the terminology, and increase the effectiveness of security patterns. We summarize our contributions as follows:
  • Using an SLR to identify necessary facets, we created a comprehensive taxonomy. Our taxonomy characterizes security pattern research to help practitioners choose existing security pattern methods as well as tools. Besides, our taxonomy serves as a resource for the software security community to support communication and research in security pattern methods and tools.
  • We surveyed and classified existing security pattern research and clarified state-of-the-art and future directions of security pattern research based on our taxonomy. These findings should stimulate and improve security pattern research, resulting in the improvement of the effectiveness of security patterns.
The rest of this paper is organized as follows. Section 2 summarizes related work. Section 3 overviews our SLR and taxonomy construction process. Section 4 outlines our taxonomy. Section 5 shows the survey results of the facets in the taxonomy. Section 6 shows the validation and use case of the taxonomy. Section 7 describes limitations of the taxonomy and the SLR. Finally, Section 8 provides the conclusion and future work.

2. Related Work

Several surveys have been conducted on specific security patterns and related patterns to classify and analyze them. Nobukazu et al. [242] conducted a survey of security patterns in general; however, the number of patterns studied is limited since it was an early survey in 2008. Uzunov et al. [30] conducted a comprehensive survey of security solutions including patterns for distributed publish/subscribe systems. Washizaki et al. [244] conducted a survey of IoT patterns including security patterns for IoT systems. Laverdiere et al. [155] conducted another comprehensive survey of security patterns useful at the design phase. These surveys are not intended to reveal characteristics of security patterns in general at all phases in the software system lifecycle. Besides, none of them is a comprehensive survey of security pattern research.
Apart from the surveys of specific or general security patterns, there are some existing works on studying different research techniques and approaches for security patterns. Alvi et al. [5] conducted a study to compare various classification schemes of security patterns; in the study, other research approaches such as application and formalization are out of scope. Rajmohan et al. [245] systematically analyzed around 20 research papers that have been published around patterns and architectures for IoT security and privacy; the analysis is limited to IoT security and privacy patterns only. Ito et al. [3] conducted a systematic mapping study targeting security pattern research; however, the number of research papers surveyed is limited to only 30, and it is a brief summary of pattern research without in-depth analysis.
None of those mentioned above related works is a rigorous survey targeting many research papers on security patterns in general. In our preliminary conference paper, we reported a result of an SLR targeting more than 200 papers [247]. Since the set of papers to be analyzed was limited to those published from 1992 to early August 2016, we expanded the SLR target to include more papers published from August 2016 to 2017 in this paper. In addition, we added an in-depth analysis based on the survey (such as security measurements in detail) and related works. Besides, we revised the taxonomy by removing two subfeatures “User” and “Type of pattern”. We removed the former since it is quite similar to “Phase” under the same feature “Purpose”. We removed the latter since it is redundant to hold in addition to “Security pattern” and “Attack pattern” under the same feature “Pattern”. In addition, we added a new subfeature “Pattern modeling” to the feature “Method” since it was additionally identified as an essential and independent feature in addition to “Methodology” and “Relationship between pattern”.

3. Taxonomy Construction

The development of a taxonomy can be approached in two different ways: top-down and bottom-up [248,249]. In the top-down approach, the taxonomy is built upon existing knowledge structures, allowing established definitions and categorizations to be reused, increasing the probability of achieving an objective classification procedure [248]. Existing works have classified and analyzed security pattern research, but none have provided a comprehensive guide that takes major characteristics into account. Therefore, we adopt a top-down approach to design our taxonomy.
Figure 1 outlines how various characteristics are identified to distinguish existing security pattern studies to realize a comprehensive taxonomy, which classifies security pattern research as feature diagrams. A top-down approach is used by having four steps: determining the scope, conducting an SLR, analyzing the results, and validating the results.
  • To determine the scope, we first defined our purpose and goals. The purpose is to support the classification, comparison, reuse, and extension of security pattern research. Our goals are to improve communications about security software stakeholders such as researchers, developers, and users and improve the research achievements’ availability. Thus, we aimed to develop a taxonomy to classify security patterns and standard terminology.
  • Next, we conducted an SLR aiming to aggregate existing evidence to achieve the research goal and support the construction of evidence-based guidelines for practitioners and researchers [250]. The SLR used Scopus (https://0-www-scopus-com.brum.beds.ac.uk/) which is citation and abstract database provided by Elsevier, to search for papers about security pattern research. The search query was the following.
    TITLE-ABS-KEY‘‘security patter’’) AND
    ( LIMIT-TO(SUBJAREA,‘‘COMP’’) OR LIMIT-TO(SUBJAREA,‘‘ENG’’) )
    Scopus was chosen because its effectiveness as a software engineering SLR has been demonstrated [244,251,252,253]. In addition, the results can be easily exported. On 23 October 2018, our query returned 484 papers published between 1992 and 2017. The following inclusion and exclusion criteria were subsequently used to compile research on security patterns:
    Inclusion criteria:
    • Studies published in conference proceedings or journals in the form of papers employing security patterns for systems and software systems engineering.
    Exclusion criteria:
    • Studies that do not employ any security pattern.
    • Studies that introduce or propose security patterns without any further engineering activities such as application of patterns.
    Each paper was initially read by one author to determine if it was within the scope of this study. If it fitted within the scope, the author analyzed it against known features used in [3] and identified additional characteristics. Then another author confirmed the assessment. If these classifications conflicted, all authors discussed to reach a consensus. This procedure returned 240 papers and their initial classification results (The list of 240 papers and their analysis details are available at http://www.washi.cs.waseda.ac.jp/security/.).
  • Afterward, the identified characteristics were merged using existing methods such as CWE (Common Weakness Enumeration) [254] and CVSS (Common Vulnerability Scoring System) [255] as well as critical concepts clarified in the Security and Privacy Metamodel [256] to form a feature diagram [257]. A feature diagram is a tree to visualize four types of relationships between a parent feature and its child features (subfeatures): The first is “Mandatory”, which indicates a required subfeature. The second is “Optional”, which denotes a voluntary feature. The third is “Or”, which requires at least one of the subfeatures. The fourth is “Alternative”, which means only one subfeature is selected among all possible subfeatures. Since a feature diagram essentially defines a taxonomy, feature diagrams have been used for defining taxonomies to classify papers and documents in literature reviews [258,259].
  • Finally, the taxonomy was validated by classifying existing security pattern research identified in the SLR. Each subfeature was assigned to one of the authors to check initial classification results in terms of the assigned subfeature. If the author identified classification conflicts in terms of the assigned subfeature, all authors discussed to reach a consensus modify the taxonomy and/or classification results.

4. Constructed Taxonomy

Figure 2 shows our taxonomy, which includes five features as facets for characterizing and classifying security pattern research.
The first feature is “Purpose”, which includes topics addressed by security pattern research and phases of the systems and software lifecycle. These are particularly important to help practitioners choose appropriate methods and tools against their needs, such as necessary supports (e.g., application of security patterns) and phases necessary to be secured (e.g., secure design) by utilizing security pattern research. These are also helpful for researchers to identify each topic’s and phase’s maturity and envision necessary future efforts.
The second is “Research Implementation”, which consists of the platform to realize the pattern research results, whether the results are encapsulated or (semi-)automated as a tool and whether experiments or case studies are performed to evaluate the results relevant to the original research purpose. These are important to help practitioners choose easy-to-use or empirically validated methods on targeted platforms. These are also helpful for researchers to identify each research area’s maturity and envision necessary future efforts.
The third is “Quality”, which consists of items related to quality characteristics: threats and vulnerabilities toward a specific security problem; security characteristics in detail such as privacy, integrity, and availability; and whether a security measurement system is incorporated in order to detect changes in security by introducing or applying the research results. These are useful for choosing and carefully using specific methods and tools by understanding their impact on quality characteristics. These are also helpful for researchers to envision necessary future efforts concerning quality aspects, including security and privacy.
The fourth is “Pattern”, which includes the types of patterns employed or addressed in the pattern research. Patterns that address security concerns can be classified into two types: security patterns and attack patterns. The former addresses both recurring security problems and corresponding solutions from the viewpoint of defenders to security risks, while the latter addresses only security problems from the viewpoint of malicious attackers by detailing security risks. These are useful for choosing specific methods and tools against intended patterns, especially when practitioners examine specific patterns for use. These are also helpful for researchers to envision necessary future efforts in terms of each specific pattern.
The fifth is “Method”, which includes the methodology, pattern modeling notations, and pattern relationships. These are useful for considering the adaptability of specific methods and tools to ongoing or intended development contexts, including development methodologies, modeling notations, and patterns considered to be used. These are also helpful for researchers to envision necessary future efforts concerning development contexts and security pattern combinations.

5. Survey Results

The 240 papers identified in the SLR are classified by the 13 facets defined in the taxonomy to clarify state-of-the-art approaches and future research directions. Below, we summarize how the taxonomy helps characterization and classification of papers on security pattern research.

5.1. Purpose

5.1.1. Topic

Figure 3 divides the 240 papers by research topic. Most papers propose or report applications of patterns during systems and software development, certain development methodologies, and pattern classification. Empirical and case study reports are limited, indicating that future research should consider case studies, methodologies, and applied experiments.
Although security patterns have been documented and reported at conferences such as PLoP (https://www.hillside.net/plop/) since the late 1990s, patterns are still manually identified and extracted. Pattern extraction is rarely reported (i.e., 1%) [11,13] in research papers. Mechanisms for identifying and extracting security patterns are highly anticipated, but in reality, research is not being conducted on this topic. Similarly, automatically identifying critical attack and security patterns is desired to determine coding requirements and design, but these topics are not extensively researched as only 8% of papers report pattern specifications and verification. Hence, more research on these topics should be conducted in the future.

5.1.2. Phase of Lifecycle

As shown in Table 1, we categorized the papers into 16 phases. Each paper is categorized into zero or more phases. Numerous phases from “Analysis” to “Evolution” can be research targets. Besides, if target phases are not clearly specified in a paper, the paper is categorized as “Any”; each paper should be classified into more concrete phases as possible.
The most commonly investigated phases are “Design” followed by “Analysis” and “Implementation”. Hence, research targets are skewed towards the earlier phases. Few report postimplementation phases including “Evolution” and “Maintenance”, suggesting that security pattern research in later phases may be a frontier field. Cutting-edge topics include multidimensional classification of patterns [16], detection of patterns from the program source code [41], improvement of existing legacy software systems using patterns [10], and security patterns for operational dynamics [181]. Classifying security patterns for the system lifecycle, defining and formalizing patterns that address dynamic behaviors, and utilizing defined patterns in existing software systems are topics that should be further examined.

5.2. Research Implementation

5.2.1. Platform

Among the 240 papers, 25% (61) are platform specific (Figure 4), including Ambient Intelligence Environments, Business Process Management (BPM), and Multiagent Systems (MAS). Most reports use general platforms like the web, cloud, and distributed system.
A few papers address Cyber Physical Systems (CPS) and the Internet of Things (IoT) [227,233], and 75% do not refer to a specific computing platform. Since various IoT security patterns are emerging, active research on platforms involving IoT, cloud, and their applications is desirable.

5.2.2. Tool and Automation

As shown in Figure 5, about 34% (82 papers) mention tools or automation. Many use tools and approaches that involve modeling. A few also include aspect-oriented approaches, formal verification, and code generation. Because the majority of reports create a unique tool, there are many tools for modeling, analysis, design, and implementation. However, few studies propose testing tools (such as model-based testing [179,209]) and operating tools (such a runtime framework [40,171,173,199]).
Tools should span the entire lifecycle because security issues appear in all phases. Hence, future studies should develop tools that directly incorporate security patterns in the testing and operation phases.

5.2.3. Evaluation Method

About half (51.6%, 124 papers) incorporate an evaluation by implementing a case study (19.5%), referencing examples (15%), and conducting experiments (4.1%). Additionally, 12.9% report using an evaluation without specifying the method.
The findings indicate that evaluations of security pattern usage are an immature research area. Even if an evaluation is conducted, it is often limited to a case study or referencing an example. Stricter evaluation methods (e.g., a control experiment) are almost nonexistent. More rigorous evaluation methods are expected in the future to improve the maturity, usefulness, and validity of security pattern research.

5.3. Quality

5.3.1. Vulnerability and Threat

Vulnerabilities or threats are mentioned in 29.6% (71) of the papers. Only 1.2% (3 [50,189,219]) (Although more papers refer to STRIDE, most do not incorporate STRIDE into their proposed techniques or achievements. For example, in [45], STRIDE is not handled in the proposed security testing technique; STRIDE is mentioned just in its case study in terms of threat identification without detailed explanations [45]. By excluding such papers, we finally identified that three papers [50,189,219] incorporate STRIDE into their research techniques or achievements in terms of threat identification modeling and classification.) refer to STRIDE [260], which is advocated by Microsoft, while another 2.5% (6) refer to other publicly available information in terms of vulnerabilities and threats. Among these six papers, one [10] references CVSS [255], which summarizes risk information. Four papers reference more tangible vulnerability information such as CWE [254] and Common Vulnerability and Exposures (CVE) [261]. Furthermore, one paper [214] refers to Common Attack Pattern Enumeration and Classification (CAPEC) [262], which categorizes known attacks employed by adversaries.
Security patterns should clearly explain how to deal with security measures that involve addressing system vulnerabilities and threats. Thus, the fact that more than 70% of the papers do not mention vulnerabilities or threats is troublesome. Future research should collect both the theoretical and actual relationships on vulnerabilities and threats to achieve practical uses of security patterns. Currently, few papers refer to publicly available information on known vulnerabilities and threats. Consequently, future research should investigate how to utilize such publicly available information and increase the awareness of security patterns.

5.3.2. Security Characteristic

Over half (58.8%, 141) mention security characteristics. Of the 141 papers, 91.5% (129) refer to CIA characteristics. In these papers, there are 109, 84, and 71 references to confidentiality, integrity, and availability, respectively (Figure 6).
Another 37 papers reference non-CIA security characteristics such as accountability, authenticity, authentication, authorization, and nonrepudiation. Twenty-five of these mention both CIA and non-CIA characteristics, while 12 mention non-CIA characteristics only.
We confirmed that many studies examine security characteristics, especially those based on CIA. Confidentiality, which allows only individuals with granted permission to access information, is essential and the most mentioned characteristic. One example involving privacy and confidentiality is Role-Based Access Control (RBAC).

5.3.3. Security Measurement

Only a few papers (10.8%, 26) adopted security measurements to evaluate patterns. Two used STRIDE [260]. Ref. [57] evaluated the handling of potential threats via a graph and indicated STRIDE’s attack categories against secure and nonsecure systems. Ref. [141] evaluated the system against security attacks by using STRIDE. Their evaluation based on fuzzy logic defined five levels for the five main events, where the levels correspond to a STRIDE’s category.
The following list summarizes other measurements in the literature. The numbers of levels and categories are different, and each level and category are defined differently. The majority of them employ an approach to evaluate three to five discrete levels for the likelihood of exposing vulnerabilities and their effects on the system associated with security patterns.
  • In [5], security patterns found in 23 papers are grouped into 14 categories. Then the categories are evaluated using nine levels of quality standard classifications.
  • In [26], forces and Solution are used to evaluate attribute, risk reduction frequency, risk reduction consequence, annual number of attacks, cost per attack, and cost solution. Furthermore, XSS (Cross Site Scripting) is evaluated as a case study.
  • In [29], seven levels of security criteria are used to compare and evaluate nine security patterns. In addition, performance gain and loss is compared. The implementation cost and degree of security are also evaluated in three levels.
  • In [37], the following three categories are used for evaluating security pattern description elements (problem and forces, structure description, structure image, behavior description, behavior image, consequences, and example): not provided, minimal, and satisfactory.
  • In [39], measures against possible threats are evaluated using a graph.
  • In [59], resource access restrictions granted to different roles are evaluated in terms of four operations: C (create), R (retrieve), U (update), and D (delete).
  • Ref. [76] supports an aspect-oriented approach and proposes an evaluation using Object Constraint Language (OCL) for Account Lockout with Selective Logging (ALSEL) and IMAP system.
  • In [116], nine levels of quality are used to evaluate nine concerns such as threats and attacks to be avoided, an attack pattern to be applied, threats to be passed, and security requirements.
  • In [125], security patterns of eight categories such as accountability, confidentiality, and integrity are evaluated.
  • In [152], security patterns of a distributed system are categorized and five quality indicators are evaluated.
  • In [155], using the 6 σ approach, 12 security patterns are evaluated by 6 categories of undesirable properties.
  • In [200], using its own unique evaluation formula, the applicability of patterns is calculated as rate.
  • In [202], three indices (completeness, isolation, and verifiability) are used as the engineering principles of security kernel.
  • Ref. [203] is related to security patterns of a grid system. Password and digital signature are expressed as graphic extension of Backus normal form (a.k.a. Backus–Naur form) in the authentication pattern.
  • In [204], using an example of an ATM terminal, security objects, and patterns are described and evaluated in eight matrices.
  • Ref. [205] categorizes patterns into three layers and evaluates them.
Because each research paper used its own evaluation categories, assessing the evaluation results’ applicability is challenging. In the future, a standard index such as STRIDE should be used to evaluate results to have comparable security pattern research.

5.4. Security Related Patterns

5.4.1. Security Pattern

Most papers (77.9%, 187) mention a specific security pattern by name. On average, each paper mentions 4.9 patterns. Although there are 1179 references to a pattern name, only 558 are unique patterns. Of these, 31.5% (176 patterns) are mentioned in at least two papers. By the definition of the word “pattern”, a software pattern should be used by many practitioners. However, this study reveals that the majority of patterns ( 70%) are not actually shared. As shown in Table 2, only 16 patterns are mentioned in 10+ papers. These patterns are related to authentication, authorization, and access control.
Ironically, over 22% of the papers on security patterns do not mention a certain pattern by name. Without a pattern name, it is difficult to explain a new idea or method. Our results reveal about one-third of the patterns are common; using easy-to-use directed graph representations such as UML class diagrams would contribute to their high reusability. Although many research papers express patterns without specific names, this will become more challenging in the future as research expands to include concepts that are often hard to describe by a structural description such as availability.

5.4.2. Attack Pattern

Attack patterns are much less prevalent than security patterns. Only 17.0% (41) papers mention attack patterns. Many patterns are mentioned in only one paper. Table 3 summarizes patterns mentioned in multiple papers.
Moreover, the abstraction varies widely. Some refer to abstract attack patterns in STRIDE, which is a categorization of attack patterns. Others discuss CIA security characteristics. One is specific to illegal money transfers in a certain application. Although attack patterns and security characteristics are common, specific examples are rare.

5.5. Method

5.5.1. Methodology

Ninety-seven papers (40.4%) describe a development methodology (Figure 7). Some discuss a methodology related to a model-driven development approach (14.2%) or an aspect-oriented development approach (2.1%). Although many development methodologies are reported, few examine security-focused methodologies. As IoT becomes ubiquitous, studies on the methodology should intentionally focus on security by design.

5.5.2. Pattern Modeling Notation

The types of modeling notations used in security-pattern research are examined. About two-thirds of the papers represent the notations of security patterns, which can be categorized into six groups. Table 4 shows the groupings, where multiple groups indicate papers using multiple notations. The “UML” group includes UML diagrams and UML based notations. The “Goal-oriented”, “Formal”, and “Natural language” groups include models used in goal-oriented methods, formal notations, and natural language notations, respectively.
Security patterns are mostly UML, which is reasonable since UML is generally accepted for modeling software and systems. In papers that address specific development methods or tools, formal, goal-oriented, and natural language notations are used in 13, 12, and 12 papers, respectively. Moreover, about one-third of papers do not describe the notations of security patterns. In the future, the notation should be described to clarify security patterns.

5.5.3. Relationship between Patterns

Because security patterns are often used and applied as combinations, their relationships must be clarified. Relationships between patterns can be classified into two types: between security patterns (relationship A) to enhance described security methods by combination and between an attack pattern and a corresponding security pattern to reduce security risks (relationship B).
Of the 240 papers, 98 papers (40.8%) focus on relationship A. Only 5.8% (14) mention relationship B. These results demonstrate that security pattern combinations are often not considered. In the future, more research needs to be conducted with an emphasis on relationship B. Such research is expected to reveal how security patterns reduce risks imposed by attack patterns in specific development processes.

6. Validation and Use Case of Taxonomy

There are multiple methods to validate a taxonomy. Examples include demonstrating the orthogonality of its classification features, benchmarking against existing classification schemes, or confirming its utility to classify existing knowledge [263]. Herein orthogonality means that a paper can be classified as only one category of possible combinations of concrete features. We validated our taxonomy by classifying the research papers identified in the SLR. Because fitting of each characteristic gave only one classification category shown in the survey results in Section 5, the classification features are orthogonal.
Besides, we validated our taxonomy by classifying the four latest popular papers (On 30 December 2020, we applied the same search query for papers published in or after 2018 at Scopus. Our query returned 129 papers. By applying the inclusion and exclusion criteria to them, we confirmed that 66 papers fit within our study’s scope. Among 66, we selected the top four mostly-cited papers that meet the inclusion criteria. The list of these latest 129 papers is available at http://www.washi.cs.waseda.ac.jp/security/.) that are not included in the SLR. Table 5, Table 6, Table 7 and Table 8 show the classification results of these papers using our taxonomy.
We summarized the results aligned with classification features as follows.
  • Purpose: Three-quarters of the papers report security pattern applications targeting the earlier phases, including analysis and design.
  • Research Implementation: Half of the papers use cloud as their application platform. Half mention tools. Evaluations of security patterns are limited to an example or a case study.
  • Quality: Half of the papers mention vulnerabilities or threats. Only one paper refers to publicly available information regarding vulnerabilities and threats (i.e., STRIDE). All studies examine security characteristics based on the CIA. Only one paper adopts security measurements.
  • Pattern: All papers focus on security patterns only.
  • Method: Half of the papers describe some development methodologies. Three-quarters represent the pattern modeling notations, including UML as the most major one. None of the papers explicitly handle security pattern combinations.
Since these trends are quite similar to those of our SLR for 240 papers published in 1992–2017, we believe our taxonomy and SLR results are still applicable to the latest situation and useful. Moreover, we confirmed that we successfully classified the latest popular papers according to the characteristics defined in our taxonomy and show how it can help classify security pattern research papers.
Based on the classification capability, our taxonomy should guide practitioners and researchers in the two use cases (UCs).
  • UC1 is to help practitioners select appropriate security pattern methods and tools. When practitioners want to reuse and eventually extend existing methods and tools, these must be compared prior to selecting the most appropriate one for the scenario. Selection should be based on how the methods and tools meet the intended objectives. The taxonomy helps compare criteria to assess methods and tools according to their characteristics.
  • UC2 is to communicate research methods and tools to researchers. By incorporating the characteristics of security pattern research into a single structure, the taxonomy can serve as a framework to guide future communications and research on security pattern methods and the corresponding tools. For example, the taxonomy can serve as the basis to build an open repository of information of existing methods and tools. Moreover, the taxonomy should stimulate and improve security pattern research, resulting in improvement of the effectiveness of security patterns.

7. Limitation

Since papers (such as [6,11,45]) dealing with attack patterns often mention them together with related security patterns, we used the term “security pattern” only for the search query. Nevertheless, we may miss research papers that deal with attack papers only without mentioning security patterns. To address this issue, we plan to extend the search query to include the term “attack pattern”.
Research papers are often published in conference proceedings first and refereed journals second, and later (and rarely) in books. To narrow down the survey scope to a specific range of targets, we limit the target publication to a paper in a journal or conference proceeding. Nevertheless, we may miss some books or book chapters describing the latest security pattern research achievements that are not published in conference proceedings or journals. We plan to extend the survey’s target scope to include books and book chapters to address this issue.
We chose Scopus as the search engine since it is effectively used in SLRs of software engineering, and the search results can be exported. The database covers many major publishers, including IEEE, ACM, Springer Nature, Wiley Blackwell, Taylor and Francis, and Elsevier. Furthermore, the database provides a mechanism to perform keyword searches. Although many other SLRs have adopted it, relevant papers may have been missed. To mitigate this issue, we plan to use other databases, extend our SLR, and elicit a public review of the results.
Our SLR’s targets are papers published in 1992–2017. Furthermore, we confirmed that the results are still applicable to the latest situation by examining the top four mostly-cited papers out of 66 latest papers published in 2018–2021. Since these four papers are the most cited ones, we believe that these can represent the latest 66 papers’ trend to some extent. Nevertheless, we still need to continue validating the trends by enhancing our SLR to include the latest publications since other less-cited 62 papers may indicate different directions.

8. Conclusions and Future Work

It is crucial to have a resource for characterizing available security pattern research concerning various characteristics, not only CIA but also others such as suitable development methodologies and phases, to help practitioners select appropriate security pattern methods and tools and to help systems and software security community to communicate and research in methods and tools.
To respond to the necessity, we devised a new comprehensive taxonomy for security pattern research via an SLR. Herein 13 facets are used to define the taxonomy. To clarify the state-of-the-art and future directions of security pattern research from various facets, including topics and security characteristics, this taxonomy analyzed the contents of 240 security pattern research papers identified through an SLR, demonstrating its usefulness. This taxonomy should also support communications among researchers, practitioners, and stakeholders. Hence, it should improve not only the quality of security pattern research but also the effectiveness of security patterns.
The analysis results are summarized along with five features as follows.
  • Purpose: Most papers report applications of security patterns, development methodologies, and pattern classification. Research targets are skewed towards the earlier phases, including analysis and design.
  • Research Implementation: Most papers use general platforms like the web, cloud, and distributed systems. Only around one third mention tools or automation. Evaluations of security pattern usage are an immature research area since it is often limited to a case study or referencing an example even if an evaluation is conducted.
  • Quality: Vulnerabilities or threats are mentioned in only less than one-third of the papers. Many studies examine security characteristics, especially those based on the CIA. Only a few papers adopted security measurements to evaluate patterns.
  • Pattern: There are attack patterns and security patterns, but most focus on security patterns and not attack patterns. Most papers mention a specific security pattern by name. There are more than 230 unique security patterns mentioned.
  • Method: Around two-fifths describe some development methodologies, in which the model-driven approach is the most major one. About two-thirds represent the pattern modeling notations, including UML as the most major one. Security pattern combinations are often not considered.
Future efforts include experimentally verifying our taxonomy using the two use cases (UC1 and UC2) in Section 6. We will implement a collaborative Wiki so that the community can refine and modify the taxonomy online. Besides, we intend to enhance our SLR to include the latest publications that have been published in or after 2018 to confirm the identified research trends and gaps in this paper still exist. In addition, we will extend our SLR using additional databases and additional categories. Our findings will be shared with the public so that our taxonomy can be validated and revised by the community, and standard terminology can be defined.

Author Contributions

Conceptualization and methodology, H.W.; literature review and analysis, all authors. All authors have read and agreed to the published version of the manuscript.

Funding

This research was supported by the SCAT Research Grant, the MEXT enPiT-Pro Smart SE: Smart Systems and Services innovative professional Education program, the JSPS KAKENHI grant number 16H02804, the JSPS KAKENHI grant number 17K00475, the JST-Mirai Program grant number JP18077318, and the JST-Mirai Program grant number JP20319852.

Institutional Review Board Statement

Not applicable.

Informed Consent Statement

Not applicable.

Data Availability Statement

The data presented in this study are openly available at http://www.washi.cs.waseda.ac.jp/security/.

Acknowledgments

The authors thank Dan Yamamoto and Takafumi Komoto for their helps. They also would like to thank the anonymous reviewers for their insightful comments and suggestions.

Conflicts of Interest

The authors declare no conflict of interest.

References

  1. Schumacher, M.; Fernández-Buglioni, E.B.; Hybertson, D.; Buschmann, F.; Sommerlad, P. Security Patterns—Integrating Security and Systems Engineering; Wiley: Hoboken, NJ, USA, 2005. [Google Scholar]
  2. Washizaki, H. Security patterns: Research direction, metamodel, application and verification. In Proceedings of the International Workshop on Big Data and Information Security, IWBIS 2017, Jakarta, Indonesia, 23–24 September 2017; pp. 1–4. [Google Scholar]
  3. Ito, Y.; Washizaki, H.; Yoshizawa, M.; Fukazawa, Y.; Okubo, T.; Kaiya, H.; Hazeyama, A.; Yoshioka, N.; Fernandez, E. Systematic Mapping of Security Patterns Research. In Proceedings of the 22nd Conference on Pattern Languages of Programs Conference (PLoP), Pittsburgh, PA, USA, 24–26 October 2015; pp. 1–7. [Google Scholar]
  4. Bouaziz, R.; Kallel, S.; Coulette, B. A Collaborative Process for Developing Secure Component Based Applications. In Proceedings of the 2014 IEEE 23rd International WETICE Conference, WETICE 2014, Parma, Italy, 23–25 June 2014; pp. 306–311. [Google Scholar]
  5. Alvi, A.K.; Zulkernine, M. A Comparative Study of Software Security Pattern Classifications. In Proceedings of the Seventh International Conference on Availability, Reliability and Security, Prague, Czech Republic, 20–24 August 2012; pp. 582–589. [Google Scholar]
  6. Uzunov, A.V.; Fernández, E.B.; Falkner, K. A Comprehensive Pattern-Driven Security Methodology for Distributed Systems. In Proceedings of the 23rd Australian Software Engineering Conference, ASWEC 2014, Milsons Point, Sydney, Australia, 7–10 April 2014; pp. 142–151. [Google Scholar]
  7. Uzunov, A.V.; Falkner, K.E.; Fernández, E.B. A comprehensive pattern-oriented approach to engineering security methodologies. Inf. Softw. Technol. 2015, 57, 217–247. [Google Scholar] [CrossRef]
  8. Bouaziz, R.; Kammoun, S. A Decision Support Map for Security Patterns Application. In Proceedings of the Computational Science and Its Applications—ICCSA 2015—15th International Conference, Banff, AB, Canada, 22–25 June 2015; pp. 750–759. [Google Scholar]
  9. Balopoulos, T.; Gymnopoulos, L.; Karyda, M.; Kokolakis, S.; Gritzalis, S.; Katsikas, S.K. A Framework for Exploiting Security Expertise in Application Development. In Proceedings of the Third International Conference, Trust and Privacy in Digital Business, TrustBus 2006, Krakow, Poland, 4–8 September 2006; pp. 62–70. [Google Scholar]
  10. Guan, H.; Wang, X.; Yang, H. A framework for security driven software evolution. In Proceedings of the 20th International Conference on Automation and Computing, ICAC 2014, Cranfield, Bedfordshire, UK, 12–13 September 2014; pp. 194–199. [Google Scholar]
  11. Singpant, P.; Prompoon, N. A Method for Web Security Context Patterns Development from User Interface Guidelines Based on Structural and Textual Analysis. In Information Science and Applications; Lecture Notes in Electrical Engineering; Kim, K., Ed.; Springer: Berlin/Heidelberg, Germany, 2015; Volume 339, pp. 541–550. [Google Scholar]
  12. Abramov, J.; Anson, O.; Dahan, M.; Shoval, P.; Sturm, A. A methodology for integrating access control policies within database development. Comput. Secur. 2012, 31, 299–314. [Google Scholar] [CrossRef]
  13. Ryoo, J.; Laplante, P.A.; Kazman, R. A Methodology for Mining Security Tactics from Security Patterns. In Proceedings of the 43rd Hawaii International International Conference on Systems Science (HICSS-43 2010), Kauai, HI, USA, 5–8 January 2010; pp. 1–5. [Google Scholar]
  14. Fernandez, E.B.; Larrondo-Petrie, M.M.; Sorgente, T.; Vanhilst, M. A methodology to develop secure systems using patterns. In Integrating Security and Software Engineering: Advances and Future Visions; IGI Global: Hershey, PA, USA, 2006; pp. 107–126. [Google Scholar]
  15. Hamid, B.; Percebois, C. A Modeling and Formal Approach for the Precise Specification of Security Patterns. In Proceedings of the Engineering Secure Software and Systems—6th International Symposium, ESSoS 2014, Munich, Germany, 26–28 February 2014; Lecture Notes in Computer Science. Jürjens, J., Piessens, F., Bielova, N., Eds.; Springer: Berlin/Heidelberg, Germany, 2014; Volume 8364, pp. 95–112. [Google Scholar]
  16. VanHilst, M.; Fernández, E.B.; Braz, F.A. A Multi-Dimensional Classification for Users of Security Patterns. J. Res. Pract. Inf. Technol. 2009, 41, 87–118. [Google Scholar]
  17. Alvi, A.K.; Zulkernine, M. A Natural Classification Scheme for Software Security Patterns. In Proceedings of the IEEE Ninth International Conference on Dependable, Autonomic and Secure Computing, DASC 2011, Sydney, Australia, 12–14 December 2011; pp. 113–120. [Google Scholar]
  18. Mourad, A.; Otrok, H.; Baajour, L. A Novel Approach for the Development and Deployment of Security Patterns. In Proceedings of the 2010 IEEE Second International Conference on Social Computing, SocialCom/IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010, Minneapolis, MN, USA, 20–22 August 2010; pp. 914–919. [Google Scholar]
  19. Abramov, J.; Sturm, A.; Shoval, P. A Pattern Based Approach for Secure Database Design. In Proceedings of the Advanced Information Systems Engineering Workshops-CAiSE 2011 International Workshops, London, UK, 20–24 June 2011; pp. 637–651. [Google Scholar]
  20. Benameur, A.; Fenet, S.; Saïdane, A.; Sinha, S.K. A Pattern-Based General Security Framework: An eBusiness Case Study. In Proceedings of the 11th IEEE International Conference on High Performance Computing and Communications, HPCC 2009, Seoul, Korea, 25–27 June 2009; pp. 339–346. [Google Scholar]
  21. Schnjakin, M.; Menzel, M.; Meinel, C. A pattern-driven security advisor for service-oriented architectures. In Proceedings of the 6th ACM Workshop On Secure Web Services, SWS 2009, Chicago, IL, USA, 13 November 2009; pp. 13–20. [Google Scholar]
  22. Delessy, N.A.; Fernández, E.B. A Pattern-Driven Security Process for SOA Applications. In Proceedings of the The Third International Conference on Availability, Reliability and Security, ARES 2008, Technical University of Catalonia, Barcelona, Spain, 4–7 March 2008; pp. 416–421. [Google Scholar]
  23. Ratchakom, M.; Prompoon, N. A process model design and tool support for information assets access control using security patterns. In Proceedings of the 2011 Eighth International Joint Conference on Computer Science and Software Engineering (JCSSE), Nakhon Pathom, Thailand, 11–13 May 2011; pp. 307–312. [Google Scholar]
  24. Halkidis, S.T.; Chatzigeorgiou, A.; Stephanides, G. A qualitative analysis of software security patterns. Comput. Secur. 2006, 25, 379–392. [Google Scholar] [CrossRef]
  25. Ruiz, J.F.; Rudolph, C.; Maña, A.; Arjona, M. A security engineering process for systems of systems using security patterns. In Proceedings of the IEEE International Systems Conference, SysCon 2014, Ottawa, ON, Canada, 31 March—3 April 2014; pp. 8–11. [Google Scholar]
  26. Varela-Vaca, A.J.; Warschofsky, R.; Gasca, R.M.; Pozo, S.; Meinel, C. A Security Pattern-Driven Approach toward the Automation of Risk Treatment in Business Processes. In Proceedings of the International Joint Conference CISIS’12-ICEUTE’12-SOCO’12 Special Sessions, Ostrava, Czech Republic, 5–7 September 2012; pp. 13–23. [Google Scholar]
  27. Fernández, E.B.; Monge, R. A security reference architecture for cloud systems. In Proceedings of the WICSA 2014 Companion Volume, Sydney, Australia, 7–11 April 2014; pp. 3:1–3:5. [Google Scholar]
  28. Tekbacak, F.; Tuglular, T.; Dikenelli, O. A Semantic Based Certification and Access Control Approach Using Security Patterns on SEAGENT. In Proceedings of the Twentieth International Conference on Software Engineering & Knowledge Engineering (SEKE’2008), San Francisco, CA, USA, 1–3 July 2008; pp. 741–744. [Google Scholar]
  29. Rosado, D.G.; Fernández-Medina, E.; Piattini, M.; Gutiérrez, C. A Study of Security Architectural Patterns. In Proceedings of the The First International Conference on Availability, Reliability and Security, ARES 2006, The International Dependability Conference—Bridging Theory and Practice, Vienna, Austria, 20–22 April 2006; pp. 358–365. [Google Scholar]
  30. Uzunov, A.V. A survey of security solutions for distributed publish/subscribe systems. Comput. Secur. 2016, 61, 94–129. [Google Scholar] [CrossRef]
  31. Ahmed, N.; Matulevicius, R. A taxonomy for assessing security in business process modelling. In Proceedings of the IEEE 7th International Conference on Research Challenges in Information Science, RCIS 2013, Paris, France, 29–31 May 2013; pp. 1–10. [Google Scholar]
  32. Bergmann, G.; Massacci, F.; Paci, F.; Tun, T.T.; Varró, D.; Yu, Y. A Tool for Managing Evolving Security Requirements. In Proceedings of the IS Olympics: Information Systems in a Diverse World-CAiSE Forum 2011, London, UK, 20–24 June 2011; pp. 110–125. [Google Scholar]
  33. Fernández, E.B.; Sorgente, T.; Larrondo-Petrie, M.M. A UML-Based Methodology for Secure Systems: The Design Stage. In Proceedings of the 3rd International Workshop on Security in Information Systems, WOSIS 2005, Miami, FL, USA, 24–25 May 2005; Fernández-Medina, E., Castro, J.C.H., Castro, L.J.G., Eds.; INSTICC Press: Rua dos Lusiadas/Lisboa, Portugal, 2005; pp. 207–216. [Google Scholar]
  34. Fernandez, E.B.; Washizaki, H.; Yoshioka, N. Abstract Security Patterns. In Proceedings of the 15th Conference on Pattern Languages of Programs; Association for Computing Machinery: New York, NY, USA, 2008. [Google Scholar]
  35. Fernández, E.B.; Yoshioka, N.; Washizaki, H.; Yoder, J.W. Abstract security patterns for requirements specification and analysis of secure systems. In Proceedings of the Anais do WER14—Workshop em Engenharia de Requisitos, Pucón, Chile, 23–25 April 2014. [Google Scholar]
  36. Busnel, P.; Khoury, P.E.; Giroux, S.; Li, K. Achieving Socio-technical Confidentiality Using Security Pattern in Smart Homes. In Proceedings of the Second International Conference on Future Generation Communication and Networking, FGCN 2008, Sanya, China, 13–15 December 2008; Volume 2, pp. 447–452. [Google Scholar]
  37. Heyman, T.; Yskout, K.; Scandariato, R.; Joosen, W. An Analysis of the Security Patterns Landscape. In Proceedings of the Third International Workshop on Software Engineering for Secure Systems, SESS 2007, Minneapolis, MN, USA, 20–26 May 2007; p. 3. [Google Scholar]
  38. Bouaziz, R.; Kallel, S.; Coulette, B. An Approach for Security Patterns Application in Component Based Models. In Proceedings of the Computational Science and Its Applications—ICCSA 2014—14th International Conference, Guimarães, Portugal, 30 June–33 July 2014; pp. 283–296. [Google Scholar]
  39. Fernández, E.B.; Washizaki, H.; Yoshioka, N.; VanHilst, M. An Approach to Model-based Development of Secure and Reliable Systems. In Proceedings of the Sixth International Conference on Availability, Reliability and Security, ARES 2011, Vienna, Austria, 22–26 August 2011; pp. 260–265. [Google Scholar]
  40. Serrano, D.; Na, A.M.; Soria-Rodríguez, P.; nuela, A.P.; Sotirious, A.D. An Architecture for secure ambient intelligence environments. In Advances in Soft Computing, Proceedings of the 3rd Symposium of Ubiquitous Computing and Ambient Intelligence 2008; Corbacho, J.M., Tapia y JoséBravo, D.I., Eds.; Springer: Berlin/Heidelberg, Germeny, 2009; pp. 21–29. [Google Scholar]
  41. Bunke, M.; Sohr, K. An Architecture-Centric Approach to Detecting Security Patterns in Software. In Proceedings of the Engineering Secure Software and Systems—Third International Symposium, ESSoS 2011, Madrid, Spain, 9–10 February 2011; pp. 156–166. [Google Scholar]
  42. Mouheb, D.; Talhi, C.; Mourad, A.; Lima, V.; Debbabi, M.; Wang, L.; Pourzandi, M. An Aspect-Oriented Approach for Software Security Hardening: From Design to Implementation. In Proceedings of the New Trends in Software Methodologies, Tools and Techniques—Proceedings of the Eighth SoMeT 2009, Prague, Czech Republic, 23–25 September 2009; IOS Press: Amsterdam, The Netherlands, 2009; pp. 203–222. [Google Scholar]
  43. Mourad, A.; Laverdière, M.; Debbabi, M. An aspect-oriented approach for the systematic security hardening of code. Comput. Secur. 2008, 27, 101–114. [Google Scholar] [CrossRef]
  44. Alebrahim, A.; Tun, T.T.; Yu, Y.; Heisel, M.; Nuseibeh, B. An Aspect-Oriented Approach to Detecting Security Patterns in Approach to Relating Security Requirements and Access Control. In Proceedings of the CAiSE’12 Forum at the 24th International Conference on Advanced Information Systems Engineering (CAiSE), Gdansk, Poland, 28 June 2012; pp. 15–22. [Google Scholar]
  45. He, K.; Feng, Z.; Li, X. An Attack Scenario Based Approach for Software Security Testing at Design Stage. In Proceedings of the 2008 International Symposium on Computer Science and Computational Technology, ISCSCT 2008, Shanghai, China, 20–22 December 2008; Volume 2, pp. 782–787. [Google Scholar]
  46. Bouaziz, R.; Kallel, S.; Coulette, B. An Engineering Process for Security Patterns Application in Component Based Models. In Proceedings of the 2013 Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, Hammamet, Tunisia, 17–20 June 2013; Reddy, S., Jmaiel, M., Eds.; IEEE Computer Society: Piscataway, NJ, USA, 2013; pp. 231–236. [Google Scholar]
  47. Alaküla, M.; Matulevicius, R. An Experience Report of Improving Business Process Compliance Using Security Risk-Oriented Patterns. In Proceedings of the Practice of Enterprise Modeling—8th IFIP WG 8.1. Working Conference, PoEM 2015, Valencia, Spain, 10–12 November 2015; pp. 271–285. [Google Scholar]
  48. Noël, R.; Pedraza-Garcia, G.; Astudillo, H.; Fernández, E.B. An exploratory comparison of security patterns and tactics to harden systems. In Proceedings of the XVII Iberoamerican Conference on Software Engineering, CIbSE 2014, Pucon, Chile, 23–25 April 2014; Curran Associates: Red Hook, NY, USA, 2014; pp. 378–391. [Google Scholar]
  49. Khoury, P.E.; Mokhtari, A.; Coquery, E.; Hacid, M. An Ontological Interface for Software Developers to Select Security Patterns. In Proceedings of the 19th International Workshop on Database and Expert Systems Applications (DEXA 2008), Turin, Italy, 1–5 September 2008; pp. 297–301. [Google Scholar]
  50. Guan, H.; Yang, H.; Wang, J. An ontology-based approach to security pattern selection. Int. J. Autom. Comput. 2016, 13, 168–182. [Google Scholar] [CrossRef] [Green Version]
  51. Hwang, G.; Chang, T. An operational model and language support for securing XML documents. Comput. Secur. 2004, 23, 498–529. [Google Scholar] [CrossRef]
  52. Ortiz, R.; Garzás, J.; Fernández-Medina, E. Analysis of Application of Security Patterns to Build Secure Systems. In Proceedings of the Advanced Information Systems Engineering Workshops - CAiSE 2011 International Workshops, London, UK, 20–24 June 2011; pp. 652–659. [Google Scholar]
  53. Li, T.; Horkoff, J.; Mylopoulos, J. Analyzing and Enforcing Security Mechanisms on Requirements Specifications. In Proceedings of the Requirements Engineering: Foundation for Software Quality—21st International Working Conference, REFSQ 2015, Essen, Germany, 23–26 March 2015; pp. 115–131. [Google Scholar]
  54. Ortiz, R.; Moral-García, S.; Moral-Rubio, S.; Vela, B.; Garzás, J.; Fernández-Medina, E. Applicability of Security Patterns. In Proceedings of the On the Move to Meaningful Internet Systems: OTM 2010—Confederated International Conferences: CoopIS, IS, DOA and ODBASE, Hersonissos, Crete, Greece, 25–29 October 2010; pp. 672–684. [Google Scholar]
  55. Changadwech, C.; Prompoon, N. Applying information retrieval technique for security requirements verification based on security patterns. In Proceedings of the Lecture Notes in Engineering and Computer Science, Hong Kong, China, 16–18 March 2016; Volume 1, pp. 467–472. [Google Scholar]
  56. Bouaziz, R.; Coulette, B. Applying Security Patterns for Component Based Applications Using UML Profile. In Proceedings of the 15th IEEE International Conference on Computational Science and Engineering, CSE 2012, Paphos, Cyprus, 5–7 December 2012; pp. 186–193. [Google Scholar]
  57. Halkidis, S.T.; Tsantalis, N.; Chatzigeorgiou, A.; Stephanides, G. Architectural Risk Analysis of Software Systems Based on Security Patterns. IEEE Trans. Dependable Secur. Comput. 2008, 5, 129–142. [Google Scholar] [CrossRef]
  58. Uzunov, A.V.; Fernández, E.B.; Falkner, K.E. ASE: A comprehensive pattern-driven security methodology for distributed systems. Comput. Stand. Interfaces 2015, 41, 112–137. [Google Scholar] [CrossRef]
  59. Steinegger, R.; Schäfer, J.; Vogler, M.; Abeck, S. Attack surface reduction for web services based on authorization patterns. In Proceedings of the SECURWARE 2014—8th International Conference on Emerging Security Information, Systems and Technologies, Lisbon, Portugal, 24–28 March 2014; pp. 194–201. [Google Scholar]
  60. Warschofsky, R.; Menzel, M.; Meinel, C. Automated Security Service Orchestration for the Identity Management in Web Service Based Systems. In Proceedings of the IEEE International Conference on Web Services, ICWS 2011, Washington, DC, USA, 4–9 July 2011; pp. 596–603. [Google Scholar]
  61. Dong, J.; Peng, T.; Zhao, Y. Automated verification of security pattern compositions. Inf. Softw. Technol. 2010, 52, 274–295. [Google Scholar] [CrossRef]
  62. Gunawan, L.A.; Kraemer, F.A.; Herrmann, P. Behavioral Singletons to Consistently Handle Global States of Security Patterns. In Proceedings of the Distributed Applications and Interoperable Systems—12th IFIP WG 6.1 International Conference, DAIS 2012, Stockholm, Sweden, 13–16 June 2012; pp. 73–86. [Google Scholar]
  63. Tatsubori, M.; Imamura, T.; Nakamura, Y. Best-Practice Patterns and Tool Support for Configuring Secure Web Services Messaging. In Proceedings of the IEEE International Conference on Web Services (ICWS’04), San Diego, CA, USA, 6–9 June 2004; pp. 244–251. [Google Scholar]
  64. Fernández, E.B.; Monge, R.; Hashizume, K. Building a security reference architecture for cloud systems. Requir. Eng. 2016, 21, 225–249. [Google Scholar] [CrossRef]
  65. Rimba, P. Building high assurance secure applications using security patterns for capability-based platforms. In Proceedings of the 35th International Conference on Software Engineering, ICSE ’13, San Francisco, CA, USA, 18–26 May 2013; pp. 1401–1404. [Google Scholar]
  66. Fernández, E.B.; Mujica, S. Building Secure Systems: From Threats to Security Patterns. In Proceedings of the XXIX International Conference of the Chilean Computer Science Society, SCCC 2010, Antofagasta, Chile, 15–19 November 2010; pp. 66–70. [Google Scholar]
  67. Bayley, I. Challenges for a Formal Framework for Patterns. In Cyberpatterns, Unifying Design Patterns with Security and Attack Patterns; Blackwell, C., Zhu, H., Eds.; Springer: Berlin/Heidelberg, Germany, 2014; pp. 47–55. [Google Scholar]
  68. Slavin, R.; Shen, H.; Niu, J. Characterizations and boundaries of security requirements patterns. In Proceedings of the Second IEEE International Workshop on Requirements Patterns, RePa 2012, Chicago, IL, USA, 24 September 2012; pp. 48–53. [Google Scholar]
  69. Fernández, E.B.; Washizaki, H.; Yoshioka, N.; Kubo, A.; Fukazawa, Y. Classifying Security Patterns. In Proceedings of the Progress in WWW Research and Development, 10th Asia-Pacific Web Conference, APWeb 2008, Shenyang, China, 26–28 April 2008; pp. 342–347. [Google Scholar]
  70. Rimba, P.; Zhu, L.; Bass, L.; Kuz, I.; Reeves, S. Composing Patterns to Construct Secure Systems. In Proceedings of the 11th European Dependable Computing Conference, EDCC 2015, Paris, France, 7–11 September 2015; pp. 213–224. [Google Scholar]
  71. Alzahrani, A.A.H.; Eden, A.H.; Yafi, M.Z. Conformance checking of single access point pattern in JAAS using codecharts. In Proceedings of the 2015 World Congress on Information Technology and Computer Applications, WCITCA 2015, Hammamet, Tunisia, 11–13 June 2015. [Google Scholar]
  72. Schmidt, H.; Jürjens, J. Connecting Security Requirements Analysis and Secure Design Using Patterns and UMLsec. In Proceedings of the Advanced Information Systems Engineering—23rd International Conference, CAiSE 2011, London, UK, 20–24 June 2011; pp. 367–382. [Google Scholar]
  73. Ouedraogo, W.F.; Biennier, F.; Silva, C.F.D.; Ghodous, P. Context-aware [email protected] Deployment. In Proceedings of the 5th International Conference on Cloud Computing and Services Science, CLOSER 2015, Lisbon, Portugal, 20–22 May 2015; SciTePress: Setubal, Portugal, 2015; pp. 276–283. [Google Scholar]
  74. Bouaziz, R.; Krichen, F.; Coulette, B. C-SCRIP: Collaborative Security Pattern Integration Process. Int. J. Inf. Technol. Web Eng. 2015, 10, 31–46. [Google Scholar] [CrossRef]
  75. Li, T.; Horkoff, J. Dealing with Security Requirements for Socio-Technical Systems: A Holistic Approach. In Proceedings of the Advanced Information Systems Engineering—26th International Conference, CAiSE 2014, Thessaloniki, Greece, 16–20 June 2014; pp. 285–300. [Google Scholar]
  76. Tian, K.; Cooper, K.M.L.; Feng, K.; Tang, Y. Defining Re-usable Composite Aspect Patterns: An FDAF Based Approach. In Proceedings of the On the Move to Meaningful Internet Systems: OTM 2008 Workshops, OTM Confederated International Workshops and Posters, ADI, AWeSoMe, COMBEK, EI2N, IWSSA, MONET, OnToContent + QSI, ORM, PerSys, RDDS, SEMELS, and SWWS 2008, Monterrey, Mexico, 9–14 November 2008; pp. 384–395. [Google Scholar]
  77. Rosado, D.G.; Gutiérrez, C.; Fernández-Medina, E.; Piattini, M. Defining Security Architectural Patterns Based on Viewpoints. In Proceedings of the Computational Science and Its Applications—ICCSA 2007, International Conference, Part III, Kuala Lumpur, Malaysia, 26–29 August 2007; pp. 262–272. [Google Scholar]
  78. Rosado, D.G.; Gutiérrez, C.; Fernández-Medina, E.; Piattini, M. Defining Viewpoints for Security Architectural Patterns. In Proceedings of the SECRYPT 2006, Proceedings of the International Conference on Security and Cryptography, Setúbal, Portugal, 7–10 August 2006; INSTICC Press: Lisboa, Portugal, 2006; pp. 419–424. [Google Scholar]
  79. Fernández, E.B.; Larrondo-Petrie, M.M. Designing Secure SCADA Systems Using Security Patterns. In Proceedings of the 43rd Hawaii International International Conference on Systems Science (HICSS-43 2010), Kauai, HI, USA, 5–8 January 2010; pp. 1–8. [Google Scholar]
  80. Gymnopoulos, L.; Karyda, M.; Balopoulos, T.; Dritsas, S.; Kokolakis, S.; Lambrinoudakis, C.; Gritzalis, S. Developing a security patterns repository for secure applications design. In Proceedings of the 5th European Conference on Information Warfare and Security 2006, ECIW 2006, Helsinki, Finland, 1–2 June 2006; pp. 51–60. [Google Scholar]
  81. Serrano, D.; Ruíz, J.F.; Muñoz, A.; Maña, A.; Armenteros, A.; Crespo, B.G. Development of applications based on security patterns. In Proceedings of the 2009 2nd International Conference on Dependability, DEPEND 2009, Athens/Glyfada, Greece, 18–23 June 2009; pp. 111–116. [Google Scholar]
  82. Yskout, K.; Scandariato, R.; Joosen, W. Do Security Patterns Really Help Designers? In Proceedings of the 37th IEEE/ACM International Conference on Software Engineering, ICSE 2015, Florence, Italy, 16–24 May 2015; pp. 292–302. [Google Scholar]
  83. Yskout, K.; Scandariato, R.; Joosen, W. Does organizing security patterns focus architectural choices? In Proceedings of the 34th International Conference on Software Engineering, ICSE 2012, Zurich, Switzerland, 2–9 June 2012; pp. 617–627. [Google Scholar]
  84. Gandhi, R.A.; Rahmani, M. Early security patterns: A collection of constraints to describe regulatory security requirements. In Proceedings of the Second IEEE International Workshop on Requirements Patterns, RePa 2012, Chicago, IL, USA, 24 September 2012; pp. 17–22. [Google Scholar]
  85. Okubo, T.; Kaiya, H.; Yoshioka, N. Effective Security Impact Analysis with Patterns for Software Enhancement. In Proceedings of the Sixth International Conference on Availability, Reliability and Security, ARES 2011, Vienna, Austria, 22–26 August 2011; pp. 527–534. [Google Scholar]
  86. Mathew, G. Elements of application security in the cloud computing environment. In Proceedings of the 2012 IEEE Conference on Open Systems, ICOS 2012, Kuala Lumpur, Malaysia, 21–24 October 2012. [Google Scholar]
  87. Braz, F.A.; Fernández, E.B.; VanHilst, M. Eliciting Security Requirements through Misuse Activities. In Proceedings of the 19th International Workshop on Database and Expert Systems Applications (DEXA 2008), Turin, Italy, 1–5 September 2008; pp. 328–333. [Google Scholar]
  88. Solinas, M.; Fernández, E.B.; Antonelli, L. Embedding Security Patterns into a Domain Model. In Proceedings of the Database and Expert Systems Applications, DEXA, International Workshops, Linz, Austria, 31 August–4 September 2009; pp. 176–180. [Google Scholar]
  89. Yu, Y.; Kaiya, H.; Washizaki, H.; Xiong, Y.; Hu, Z.; Yoshioka, N. Enforcing a security pattern in stakeholder goal models. In Proceedings of the 4th ACM Workshop on Quality of Protection, QoP 2008, Alexandria, VA, USA, 27 October 2008; pp. 9–14. [Google Scholar]
  90. Khoury, P.; Busnel, P.; Giroux, S. Enforcing security in smart homes using security patterns. Int. J. Smart Home 2009, 3, 57–70. [Google Scholar]
  91. Uzunov, A.V.; Fernández, E.B.; Falkner, K. Engineering Security into Distributed Systems: A Survey of Methodologies. J. Univ. Comput. Sci. 2012, 18, 2920–3006. [Google Scholar]
  92. Katt, B.; Gander, M.; Breu, R.; Felderer, M. Enhancing Model Driven Security through Pattern Refinement Techniques. In Proceedings of the Formal Methods for Components and Objects, 10th International Symposium, FMCO 2011, Turin, Italy, 3–5 October 2011; pp. 169–183. [Google Scholar]
  93. Supaporn, K.; Prompoon, N.; Rojkangsadan, T. Enterprise Assets Security Requirements Construction from ESRMG Grammar based on Security Patterns. In Proceedings of the 14th Asia-Pacific Software Engineering Conference (APSEC 2007), Nagoya, Japan, 5–7 December 2007; pp. 112–119. [Google Scholar]
  94. Moral-García, S.; Moral-Rubio, S.; Fernández, E.B.; Fernández-Medina, E. Enterprise security pattern: A model-driven architecture instance. Comput. Stand. Interfaces 2014, 36, 748–758. [Google Scholar] [CrossRef]
  95. Moral-García, S.; Moral-Rubio, S.; Rosado, D.G.; Fernández, E.B.; Fernández-Medina, E. Enterprise security pattern: A new type of security pattern. Secur. Commun. Netw. 2014, 7, 1670–1690. [Google Scholar] [CrossRef]
  96. Faily, S.; Parkin, S.; Lyle, J. Evaluating the Implications of Attack and Security Patterns with Premortems. In Cyberpatterns, Unifying Design Patterns with Security and Attack Patterns; Blackwell, C., Zhu, H., Eds.; Springer: Berlin/Heidelberg, Germany, 2014; pp. 199–209. [Google Scholar]
  97. Abramov, J.; Sturm, A.; Shoval, P. Evaluation of the Pattern-based method for Secure Development (PbSD): A controlled experiment. Inf. Softw. Technol. 2012, 54, 1029–1043. [Google Scholar] [CrossRef]
  98. Dalai, A.K.; Jena, S.K. Evaluation of web application security risks and secure design patterns. In Proceedings of the 2011 International Conference on Communication, Computing & Security, ICCCS 2011, Odisha, India, 12–14 February 2011; pp. 565–568. [Google Scholar]
  99. Hafiz, M.; Johnson, R.E. Evolution of the MTA architecture: The impact of security. Softw. Pract. Exp. 2008, 38, 1569–1599. [Google Scholar] [CrossRef]
  100. van Veenstra, A.F.; Ramilli, M. Exploring Information Security Issues in Public Sector Inter-organizational Collaboration. In Proceedings of the Electronic Government–10th IFIP WG 8.5 International Conference, EGOV 2011, Delft, The Netherlands, 28 August–2 September 2011; pp. 355–366. [Google Scholar]
  101. Savic, D.; Simic, D.; Vlajic, S. Extended Software Architecture Based on Security Patterns. Informatica 2010, 21, 229–246. [Google Scholar] [CrossRef]
  102. Robinson, P. Extensible Security Patterns. In Proceedings of the 18th International Workshop on Database and Expert Systems Applications (DEXA 2007), Regensburg, Germany, 3–7 September 2007; pp. 729–733. [Google Scholar]
  103. Muñoz, A.; Maña, A. Facilitating the Use of TPM Technologies Using the Serenity Framework. In Proceedings of the Autonomic and Trusted Computing—8th International Conference, ATC 2011, Banff, AB, Canada, 2–4 September 2011; pp. 164–174. [Google Scholar]
  104. Near, J.P.; Jackson, D. Finding security bugs in web applications using a catalog of access control patterns. In Proceedings of the 38th International Conference on Software Engineering, ICSE 2016, Austin, TX, USA, 14–22 May 2016; pp. 947–958. [Google Scholar]
  105. Ruamjinda, P.; Prompoon, N. Framwork for information security standards storage and retrieval using security patterns. In Proceedings of the IEEE International Conference on Software Engineering and Service Sciences, ICSESS, Beijing, China, 23–25 May 2013; pp. 296–300. [Google Scholar]
  106. Horvath, V.; Dörges, T. From security patterns to implementation using petri nets. In Proceedings of the Fourth International Workshop on Software Engineering for Secure Systems, SESS 2008, Leipzig, Germany, 17–18 May 2008; pp. 17–24. [Google Scholar]
  107. Hafiz, M.; Adamczyk, P.; Johnson, R.E. Growing a pattern language (for security). In Proceedings of the ACM Symposium on New Ideas in Programming and Reflections on Software, Onward! 2012, part of SPLASH ’12, Tucson, AZ, USA, 21–26 October 2012; pp. 139–158. [Google Scholar]
  108. Dikanski, A.; Steinegger, R.; Abeck, S. Identification and implementation of authentication and authorization patterns in the spring security framework. In Proceedings of the SECURWARE 2012—6th International Conference on Emerging Security Information, Systems and Technologies, Rome, Italy, 19–24 August 2012; pp. 14–20. [Google Scholar]
  109. Patu, V.; Yamamoto, S. Identifying and Implementing Security Patterns for a Dependable Security Case—From Security Patterns to D-Case. In Proceedings of the 16th IEEE International Conference on Computational Science and Engineering, CSE 2013, Sydney, Australia, 3–5 December 2013; pp. 138–142. [Google Scholar]
  110. Yoshizawa, M.; Washizaki, H.; Fukazawa, Y.; Okubo, T.; Kaiya, H.; Yoshioka, N. Implementation Support of Security Design Patterns Using Test Templates. Information 2016, 7, 34. [Google Scholar] [CrossRef] [Green Version]
  111. Edge, C.; Mitropoulos, F. Improving security design patterns with aspect-oriented strategies. In Proceedings of the 50th Annual Southeast Regional Conference, 2012, Tuscaloosa, AL, USA, 29–31 March 2012; pp. 24–29. [Google Scholar]
  112. Washizaki, H.; Fernández, E.B.; Maruyama, K.; Kubo, A.; Yoshioka, N. Improving the Classification of Security Patterns. In Proceedings of the Database and Expert Systems Applications, DEXA, International Workshops, Linz, Austria, 31 August–4 September 2009; pp. 165–170. [Google Scholar]
  113. Netter, M.; Pernul, G. Integrating Security Patterns into the Electronic Invoicing Process. In Proceedings of the Database and Expert Systems Applications, DEXA, International Workshops, Linz, Austria, 31 August–4 September 2009; pp. 150–154. [Google Scholar]
  114. Li, T.; Horkoff, J.; Mylopoulos, J. Integrating Security Patterns with Security Requirements Analysis Using Contextual Goal Models. In Proceedings of the The Practice of Enterprise Modeling—7th IFIP WG 8.1 Working Conference, PoEM 2014, Manchester, UK, 12–13 November 2014; pp. 208–223. [Google Scholar]
  115. Filho, A.E.S.; Smith, P.; Mauthe, A.; Hutchison, D. Management Patterns for Network Resilience: Design and Verification of Policy Configurations. In Cyberpatterns, Unifying Design Patterns with Security and Attack Patterns; Blackwell, C., Zhu, H., Eds.; Springer: Berlin/Heidelberg, Germany, 2014; pp. 85–95. [Google Scholar]
  116. Fernández, E.B.; Yoshioka, N.; Washizaki, H.; Van Hilst, M. Measuring the Level of Security Introduced by Security Patterns. In Proceedings of the ARES 2010, Fifth International Conference on Availability, Reliability and Security, Krakow, Poland, 15–18 February 2010; pp. 565–568. [Google Scholar]
  117. Dong, J.; Peng, T.; Zhao, Y. Model Checking Security Pattern Compositions. In Proceedings of the Seventh International Conference on Quality Software (QSIC 2007), Portland, OR, USA, 11–12 October 2007; pp. 80–89. [Google Scholar]
  118. Shiroma, Y.; Washizaki, H.; Fukazawa, Y.; Kubo, A.; Yoshioka, N. Model-Driven Security Patterns Application Based on Dependences among Patterns. In Proceedings of the ARES 2010, Fifth International Conference on Availability, Reliability and Security, Krakow, Poland, 15–18 February 2010; pp. 555–559. [Google Scholar]
  119. Nguyen, P.H.; Klein, J.; Traon, Y.L. Model-Driven Security with A System of Aspect-Oriented Security Design Patterns. In Proceedings of the 2nd Workshop on View-Based, Aspect-Oriented and Orthographic Software Modelling, VAO@STAF 2014, York, UK, 22 July 2014; pp. 51–54. [Google Scholar]
  120. Li, T.; Mylopoulos, J. Modeling and Applying Security Patterns Using Contextual Goal Models. In Proceedings of the Seventh International i* Workshop co-located with the 26th International Conference on Advanced Information Systems Engineering (CAiSE 2014), Thessaloniki, Greece, 16–17 June 2014. [Google Scholar]
  121. Dai, L.; Cooper, K.M.L. Modeling and performance analysis for security aspects. Sci. Comput. Program. 2006, 61, 58–71. [Google Scholar] [CrossRef] [Green Version]
  122. Asnar, Y.; Paja, E.; Mylopoulos, J. Modeling Design Patterns with Description Logics: A Case Study. In Proceedings of the Advanced Information Systems Engineering—23rd International Conference, CAiSE 2011, London, UK, 20–24 June 2011; pp. 169–183. [Google Scholar]
  123. Fernández, E.B.; Yoshioka, N.; Washizaki, H. Modeling Misuse Patterns. In Proceedings of the The Forth International Conference on Availability, Reliability and Security, ARES 2009, Fukuoka, Japan, 16–19 March 2009; pp. 566–571. [Google Scholar]
  124. Mouratidis, H.; Weiss, M.; Giorgini, P. Modeling Secure Systems Using an Agent-oriented Approach and Security Patterns. Int. J. Softw. Eng. Knowl. Eng. 2006, 16, 471. [Google Scholar] [CrossRef]
  125. Weiss, M. Modelling security patterns using NFR analysis. In Integrating Security and Software Engineering: Advances and Future Visions; IGI Global: Hershey, PA, USA, 2006; pp. 127–141. [Google Scholar]
  126. Halkidis, S.T.; Chatzigeorgiou, A.; Stephanides, G. Moving from Requirements to Design Confronting Security Issues: A Case Study. In Proceedings of the On the Move to Meaningful Internet Systems: OTM 2009, Confederated International Conferences, CoopIS, DOA, IS, and ODBASE 2009, Part II, Vilamoura, Portugal, 1–6 November 2009; pp. 798–814. [Google Scholar]
  127. Mourad, A.; Otrok, H.; Baajour, L. New Approach Targeting Security Patterns Development and Deployment. Inf. Secur. J. A Glob. Perspect. 2011, 20, 231–244. [Google Scholar] [CrossRef]
  128. Fernández, E.B.; Wu, J.; Larrondo-Petrie, M.M.; Shao, Y. On building secure SCADA systems using security patterns. In Proceedings of the Fifth Cyber Security and Information Intelligence Research Workshop, CSIIRW’09, Knoxville, TN, USA, 13–15 April 2009; p. 17. [Google Scholar]
  129. Bunke, M. On the description of software security patterns. In Proceedings of the 19th European Conference on Pattern Languages of Programs, EuroPLoP 2014, Irsee, Germany, 9–13 July 2014; pp. 34:1–34:10. [Google Scholar]
  130. Hafiz, M.; Adamczyk, P.; Johnson, R.E. Organizing Security Patterns. IEEE Softw. 2007, 24, 52–60. [Google Scholar] [CrossRef]
  131. Dove, R. Pattern qualifications and examples of next-generation agile system-security strategies. In Proceedings of the International Carnahan Conference on Security Technology, San Jose, CA, USA, 5–8 October 2010; pp. 71–80. [Google Scholar]
  132. Rrenja, A.; Matulevicius, R. Pattern-Based Security Requirements Derivation from Secure Tropos Models. In Proceedings of the Practice of Enterprise Modeling—8th IFIP WG 8.1. Working Conference, PoEM 2015, Valencia, Spain, 10–12 November 2015; pp. 59–74. [Google Scholar]
  133. Fernández, E.B.; Pernul, G.; Larrondo-Petrie, M.M. Patterns and Pattern Diagrams for Access Control. In Proceedings of the Trust, Privacy and Security in Digital Business, 5th International Conference, TrustBus 2008, Turin, Italy, 4–5 September 2008; pp. 38–47. [Google Scholar]
  134. Fernández, E.B.; Yoshioka, N.; Washizaki, H. Patterns for security and privacy in cloud ecosystems. In Proceedings of the 2nd IEEE Workshop on Evolving Security and Privacy Requirements Engineering, ESPRE 2015, Ottawa, ON, Canada, 25 August 2015; pp. 13–18. [Google Scholar]
  135. Hafiz, M.; Adamczyk, P.; Johnson, R.E. Patterns Transform Architectures. In Proceedings of the 9th Working IEEE/IFIP Conference on Software Architecture, WICSA 2011, Boulder, CO, USA, 20–24 June 2011; pp. 242–251. [Google Scholar]
  136. Thomsen, D. Practical policy patterns. In Proceedings of the First ACM Conference on Data and Application Security and Privacy, CODASPY 2011, San Antonio, TX, USA, 21–23 February 2011; pp. 225–230. [Google Scholar] [CrossRef]
  137. Hazeyama, A.; Saito, M. Preliminary Evaluation of a Software Security Learning Environment. Int. J. Softw. Innov. 2014, 2, 26–39. [Google Scholar] [CrossRef] [Green Version]
  138. Fernández, E.B. Preventing and unifying threats in cyberphysical systems. In Proceedings of the 17th IEEE International Symposium on High Assurance Systems Engineering, HASE 2016, Orlando, FL, USA, 7–9 January 2016; pp. 292–293. [Google Scholar]
  139. Romanosky, S.; Acquisti, A.; Hong, J.; Cranor, L.F.; Friedman, B. Privacy patterns for online interactions. In Proceedings of the PLoP 2006—PLoP Pattern Languages of Programs 2006 Conference Proceedings, Portland, OR, USA, 21–23 October 2006. [Google Scholar]
  140. Alebrahim, A.; Heisel, M. Problem-oriented security patterns for requirements engineering. In Proceedings of the 19th European Conference on Pattern Languages of Programs, EuroPLoP 2014, Irsee, Germany, 9–13 July 2014; pp. 9:1–9:17. [Google Scholar]
  141. Halkidis, S.T.; Chatzigeorgiou, A.; Stephanides, G. Quantitative Evaluation of Systems with Security Patterns Using a Fuzzy Approach. In Proceedings of the On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops, OTM Confederated International Workshops and Posters, AWeSOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO, MONET, OnToContent, ORM, PerSys, OTM Academy Doctoral Consortium, RDDS, SWWS, and SeBGIS 2006 Part I, Montpellier, France, 29 October–3 November 2006; pp. 554–564. [Google Scholar]
  142. Hafner, M.; Breu, R. Realizing Model Driven Security for Inter-organizational Workflows with WS-CDL and UML 2.0. In Proceedings of the 8th International Conference, MoDELS 2005, Model Driven Engineering Languages and Systems, Montego Bay, Jamaica, 2–7 October 2005; pp. 39–53. [Google Scholar]
  143. Netter, M.; Fernández, E.B.; Pernul, G. Refining the Pattern-Based Reference Model for Electronic Invoices by Incorporating Threats. In Proceedings of the ARES 2010, Fifth International Conference on Availability, Reliability and Security, Krakow, Poland, 15–18 February 2010; pp. 560–564. [Google Scholar]
  144. Heyman, T.; Scandariato, R.; Joosen, W. Reusable Formal Models for Secure Software Architectures. In Proceedings of the 2012 Joint Working IEEE/IFIP Conference on Software Architecture and European Conference on Software Architecture, WICSA/ECSA 2012, Helsinki, Finland, 20–24 August 2012; pp. 41–50. [Google Scholar]
  145. Fernández, E.B.; Astudillo, H.; Pedraza-Garcia, G. Revisiting Architectural Tactics for Security. In Proceedings of the Software Architecture - 9th European Conference, ECSA 2015, Dubrovnik/Cavtat, Croatia, 7–11 September 2015; pp. 55–69. [Google Scholar]
  146. Bouaziz, R.; Kammoun, S. SCRIStUDIO: A security pattern integration tool. In Proceedings of the 2016 International Conference on Information Technology for Organizations Development, IT4OD 2016, Fez, Morocco, 30 March–1 April 2016. [Google Scholar]
  147. Bergmann, G.; Massacci, F.; Paci, F.; Tun, T.T.; Varró, D.; Yu, Y. SeCMER: A Tool to Gain Control of Security Requirements Evolution. In Proceedings of the Towards a Service-Based Internet—4th European Conference, ServiceWave 2011, Poznan, Poland, 26–28 October 2011; pp. 321–322. [Google Scholar]
  148. Hafner, M.; Breu, R.; Agreiter, B.; Nowak, A. Sectet: An extensible framework for the realization of secure inter-organizational workflows. Internet Res. 2006, 16, 491–506. [Google Scholar] [CrossRef]
  149. Bouaziz, R.; Coulette, B. Secure Component Based Applications through Security Patterns. In Proceedings of the 2012 IEEE International Conference on Green Computing and Communications, Conference on Internet of Things, and Conference on Cyber, Physical and Social Computing, GreenCom/iThings/CPSCom 2012, Besancon, France, 20–23 November 2012; pp. 749–754. [Google Scholar]
  150. Ruiz, J.F.; Arjona, M.; Mana, A.; Carstens, N. Secure Engineering and Modelling of a Metering Devices System. In Proceedings of the 2013 International Conference on Availability, Reliability and Security, ARES 2013, Regensburg, Germany, 2–6 September 2013; pp. 418–427. [Google Scholar]
  151. Fernández, E.B.; Yuan, X. Securing analysis patterns. In Proceedings of the 45th Annual Southeast Regional Conference, 2007, Winston-Salem, NC, USA, 23–24 March 2007; pp. 288–293. [Google Scholar]
  152. Uzunov, A.V.; Fernández, E.B.; Falkner, K. Securing distributed systems using patterns: A survey. Comput. Secur. 2012, 31, 681–703. [Google Scholar] [CrossRef]
  153. Sohn, J.; Ryoo, J. Securing Web Applications with Better “Patches”: An Architectural Approach for Systematic Input Validation with Security Patterns. In Proceedings of the 10th International Conference on Availability, Reliability and Security, ARES 2015, Toulouse, France, 24–27 August 2015; pp. 486–492. [Google Scholar]
  154. Armenteros, Á.; Muñoz, A.; Maña, A.; Serrano, D. Security and Dependability in Ambient Intelligence Scenarios—The Communication Prototype. In Proceedings of the ICEIS 2009—Proceedings of the 11th International Conference on Enterprise Information Systems, Volume ISAS, Milan, Italy, 6–10 May 2009; pp. 49–56. [Google Scholar]
  155. Laverdière, M.; Mourad, A.; Hanna, A.; Debbabi, M. Security Design Patterns: Survey and Evaluation. In Proceedings of the Canadian Conference on Electrical and Computer Engineering, CCECE 2006, Ottawa Congress Centre, Ottawa, ON, Canada, 7–10 May 2006; pp. 1605–1608. [Google Scholar]
  156. Memon, M.; Menghwar, G.D.; Depar, M.H.; Jalbani, A.A.; Mashwani, W.M. Security modeling for service-oriented systems using security pattern refinement approach. Softw. Syst. Model. 2014, 13, 549–572. [Google Scholar] [CrossRef]
  157. Duncan, I.; de Muijnck-Hughes, J. Security Pattern Evaluation. In Proceedings of the 8th IEEE International Symposium on Service Oriented System Engineering, SOSE 2014, Oxford, UK, 7–11 April 2014; pp. 428–429. [Google Scholar]
  158. Sarmah, A.; Hazarika, S.M.; Sinha, S.K. Security Pattern Lattice: A Formal Model to Organize Security Patterns. In Proceedings of the 19th International Workshop on Database and Expert Systems Applications (DEXA 2008), Turin, Italy, 1–5 September 2008; pp. 292–296. [Google Scholar]
  159. Moral-García, S.; Moral-Rubio, S.; Fernández-Medina, E. Security Pattern Mining: Systematic Review and Proposal. In Proceedings of the WOSIS 2011—Proceedings of the 8th International Workshop on Security in Information Systems, In conjunction with ICEIS 2011, Beijing, China, 8–9 June 2011; SciTePress: Setubal, Portugal, 2011; pp. 13–24. [Google Scholar]
  160. Fernández, E.B. Security Patterns and A Methodology to Apply them. In Security and Dependability for Ambient Intelligence; Advances in Information Security; Kokolakis, S., Gómez, A.M., Spanoudakis, G., Eds.; Springer: Berlin/Heidelberg, Germany, 2009; Volume 45, pp. 37–46. [Google Scholar]
  161. Rosado, D.G.; Gutiérrez, C.; Fernández-Medina, E.; Piattini, M. Security patterns and requirements for internet-based applications. Internet Res. 2006, 16, 519–536. [Google Scholar] [CrossRef]
  162. Fernández, E.B. Security Patterns and Secure Systems Design. In Proceedings of the Dependable Computing, Third Latin-American Symposium, LADC 2007, Morella, Mexico, 26–28 September 2007; pp. 233–234. [Google Scholar]
  163. Cuevas, Á.; Khoury, P.E.; Gomez, L.; Laube, A. Security Patterns for Capturing Encryption-Based Access Control to Sensor Data. In Proceedings of the Second International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2008, Cap Esterel, France, 25–31 August 2008; pp. 62–67. [Google Scholar]
  164. Mouratidis, H.; Weiss, M.; Giorgini, P. Security Patterns Meet Agent Oriented Software Engineering: A Complementary Solution for Developing Secure Information Systems. In Proceedings of the Conceptual Modeling—ER 2005, 24th International Conference on Conceptual Modeling, Klagenfurt, Austria, 24–28 October 2005; pp. 225–240. [Google Scholar]
  165. Hamid, B.; Gürgens, S.; Fuchs, A. Security patterns modeling and formalization for pattern-based development of secure software systems. Innov. Syst. Softw. Eng. 2016, 12, 109–140. [Google Scholar] [CrossRef] [Green Version]
  166. Yoshioka, N.; Honiden, S.; Finkelstein, A. Security Patterns: A Method for Constructing Secure and Efficient Inter-Company Coordination Systems. In Proceedings of the 8th International Enterprise Distributed Object Computing Conference (EDOC 2004), Monterey, CA, USA, 20–24 September 2004; pp. 84–97. [Google Scholar]
  167. Bandara, A.; Shinpei, H.; Jurjens, J.; Kaiya, H.; Kubo, A.; Laney, R.; Mouratidis, H.; Nhlabatsi, A.; Nuseibeh, B.; Tahara, Y.; et al. In Proceedings of the Security patterns: Comparing modeling approaches. In Software Engineering for Secure Systems: Industrial and Research Perspectives; Mouratidis, H., Ed.; IGI Global: Hershey, PA, USA, 2010; pp. 75–111. [Google Scholar]
  168. Menzel, M.; Thomas, I.; Meinel, C. Security Requirements Specification in Service-Oriented Business Process Management. In Proceedings of the The Forth International Conference on Availability, Reliability and Security, ARES 2009, Fukuoka, Japan, 16–19 March 2009; pp. 41–48. [Google Scholar]
  169. Uzunov, A.V.; Fernández, E.B.; Falkner, K. Security solution frames and security patterns for authorization in distributed, collaborative systems. Comput. Secur. 2015, 55, 193–234. [Google Scholar] [CrossRef]
  170. Hasheminejad, S.M.H.; Jalili, S. Selecting proper security patterns using text classification. In Proceedings of the 2009 International Conference on Computational Intelligence and Software Engineering, CiSE 2009, Wuhan, China, 11–13 December 2009. [Google Scholar]
  171. Serrano, D.; Maña, A.; Llarena, R.; Crespo, B.G.; Li, K. In Proceedings of the SERENITY Aware System Development Process. In Security and Dependability for Ambient Intelligence; Advances in Information Security; Kokolakis, S., Gómez, A.M., Spanoudakis, G., Eds.; Springer: Berlin/Heidelberg, Germany, 2009; Volume 45, pp. 165–179. [Google Scholar]
  172. Sánchez-Cid, F.; Maña, A. SERENITY Pattern-Based Software Development Life-Cycle. In Proceedings of the 19th International Workshop on Database and Expert Systems Applications (DEXA 2008), Turin, Italy, 1–5 September 2008; pp. 305–309. [Google Scholar]
  173. Sánchez-Cid, F.; Muñoz, A.; Serrano, D.; Gago, M.C. Software engineering techniques applied to AmI: Security patterns. In Proceedings of the Developing Ambient Intelligence—Proceedings of the First International Conference on Ambient Intelligence Developments, AmID 2006, Sophia Antipolis, France, 20–22 September 2006; pp. 108–123. [Google Scholar]
  174. Tryfonas, T.; Kearney, B. Standardising business application security assessments with pattern-driven audit automations. Comput. Stand. Interfaces 2008, 30, 262–270. [Google Scholar] [CrossRef]
  175. Alzahrani, A.A.H.; Eden, A.H.; Yafi, M.Z. Structural Analysis of the Check Point Pattern. In Proceedings of the 8th IEEE International Symposium on Service Oriented System Engineering, SOSE 2014, Oxford, UK, 7–11 April 2014; pp. 404–408. [Google Scholar]
  176. Babar, M.A.; Wang, X.; Gorton, I. Supporting Security Sensitive Architecture Design. In Proceedings of the Quality of Software Architectures and Software Quality, First International Conference on the Quality of Software Architectures, QoSA 2005 and Second International Workshop on Software Quality, SOQUA 2005, Erfurt, Germany, 20–22 September 2005; Lecture Notes in Computer Science. pp. 140–154. [Google Scholar]
  177. Hazeyama, A. Survey on Body of Knowledge Regarding Software Security. In Proceedings of the 13th ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing, SNPD 2012, Kyoto, Japan, 8–10 August 2012; pp. 536–541. [Google Scholar]
  178. Porekar, J.; Saljic, S.; Klobucar, T.; Jerman-Blazic, A. Technical Patterns for Long Term Trusted Archiving. In Proceedings of the Third International Conference on the Digital Society (ICDS 2009), Cancun, Mexico, 1–7 February 2009; pp. 241–246. [Google Scholar]
  179. Kobashi, T.; Yoshizawa, M.; Washizaki, H.; Fukazawa, Y.; Yoshioka, N.; Okubo, T.; Kaiya, H. TESEM: A Tool for Verifying Security Design Pattern Applications by Model Testing. In Proceedings of the 8th IEEE International Conference on Software Testing, Verification and Validation, ICST 2015, Graz, Austria, 13–17 April 2015; pp. 1–8. [Google Scholar]
  180. Morrison, P.; Fernandez, E.B. The credentials pattern. In Proceedings of the PLoP 2006—PLoP Pattern Languages of Programs 2006 Conference Proceedings, Irsee, Germany, 5–9 July 2006. [Google Scholar]
  181. Ciria, J.C.; Domínguez, E.; Escario, I.; Francés, A.R.; Lapeña, M.J.; Zapata, M.A. The history-based authentication pattern. In Proceedings of the 19th European Conference on Pattern Languages of Programs, EuroPLoP 2014, Irsee, Germany, 9–13 July 2014; pp. 30:1–30:9. [Google Scholar]
  182. Alkussayer, A.; Allen, W.H. The ISDF framework: Integrating security patterns and best practices. In Communications in Computer and Information Science; Springer: Berlin/Heidelberg, Germany, 2009; Volume 36, pp. 17–28. [Google Scholar]
  183. Hafiz, M.; Adamczyk, P. The nature of order: From security patterns to a pattern language. In Proceedings of the Conference on Systems, Programming, and Applications: Software for Humanity, SPLASH ’12, Tucson, AZ, USA, 21–25 October 2012; pp. 75–76. [Google Scholar]
  184. Gutiérrez, C.; Rosado, D.G.; Fernández-Medina, E. The practical application of a process for eliciting and designing security in web service systems. Inf. Softw. Technol. 2009, 51, 1712–1738. [Google Scholar] [CrossRef]
  185. Shahzad, A.; Musa, S.; Aborujilah, A.; Irfan, M. The Security Survey and Anaylsis on supervisory control and Data Acquisition Communication. J. Comput. Sci. 2014, 10, 2006–2019. [Google Scholar] [CrossRef] [Green Version]
  186. Heyman, T.; Yskout, K.; Scandariato, R.; Schmidt, H.; Yu, Y. The Security Twin Peaks. In Proceedings of the Engineering Secure Software and Systems—Third International Symposium, ESSoS 2011, Madrid, Spain, 9–10 February 2011; pp. 167–180. [Google Scholar]
  187. de Muijnck-Hughes, J.; Duncan, I. Thinking Towards a Pattern Language for Predicate Based Encryption Crypto-Systems. In Proceedings of the Sixth International Conference on Software Security and Reliability, SERE 2012, Gaithersburg, MD, USA, 20–22 June 2012; pp. 27–32. [Google Scholar]
  188. Okubo, T.; Wataguchi, Y.; Kanaya, N. Threat and countermeasure patterns for cloud computing. In Proceedings of the 4th IEEE International Workshop on Requirements Patterns, RePa 2014, Karlskrona, Sweden, 26 August 2014; pp. 43–46. [Google Scholar]
  189. Anand, P.; Ryoo, J.; Kim, H.; Kim, E. Threat Assessment in the Cloud Environment: A Quantitative Approach for Security Pattern Selection. In Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication, IMCOM 2016, Danang, Vietnam, 4–6 January 2016; pp. 5:1–5:8. [Google Scholar]
  190. Bouaziz, R.; Hamid, B.; Desnos, N. Towards a Better Integration of Patterns in Secure Component-Based Systems Design. In Proceedings of the Computational Science and Its Applications-ICCSA 2011—International Conference Part V, Santander, Spain, 20–23 June 2011; pp. 607–621. [Google Scholar]
  191. Graziano, A.; Dearden, A.; Seaton, J.W.; Williams, L.A. Towards a classification framework for security patterns. In Proceedings of the 6th International Network Conference, INC 2006, Plymouth, UK, 19–21 June 2006; pp. 237–244. [Google Scholar]
  192. Blackwell, C. Towards a Conceptual Framework for Security Patterns. In Cyberpatterns, Unifying Design Patterns with Security and Attack Patterns; Blackwell, C., Zhu, H., Eds.; Springer: Berlin/Heidelberg, Germany, 2014; pp. 17–34. [Google Scholar]
  193. Fuchs, A.; Gürgens, S.; Rudolph, C. Towards a Generic Process for Security Pattern Integration. In Proceedings of the Database and Expert Systems Applications, DEXA, International Workshops, Linz, Austria, 31 August–4 September 2009; pp. 171–175. [Google Scholar] [CrossRef] [Green Version]
  194. Hafner, M.; Alam, M.; Breu, R. Towards a MOF/QVT-Based Domain Architecture for Model Driven Security. In Proceedings of the Model Driven Engineering Languages and Systems, 9th International Conference, MoDELS 2006, Genova, Italy, 1–6 October 2006; pp. 275–290. [Google Scholar]
  195. Ortiz, R.; Moral-Rubio, S.; Garzás, J.; Fernández-Medina, E. Towards a Pattern-based Security Methodology to Build Secure Information Systems. In Proceedings of the WOSIS 2011—Proceedings of the 8th International Workshop on Security in Information Systems, In conjunction with ICEIS 2011, Beijing, China, 8–9 June 2011; SciTePress: Setubal, Portugal, 2011; pp. 59–69. [Google Scholar]
  196. Fernández, E.B.; Yimam, D. Towards Compliant Reference Architectures by Finding Analogies and Overlaps in Compliance Regulations. In Proceedings of the SECRYPT 2015—Proceedings of the 12th International Conference on Security and Cryptography, Colmar, Alsace, France, 20–22 July 2015; SciTePress: Setubal, Portugal, 2015; pp. 435–440. [Google Scholar]
  197. Kozlovs, D.; Cjaputa, K.; Kirikova, M. Towards Continuous Information Security Audit. In Proceedings of the Joint Proceedings of REFSQ-2016 Workshops, Doctoral Symposium, Research Method Track, and Poster Track co-located with the 22nd International Conference on Requirements Engineering: Foundation for Software Quality (REFSQ 2016), Gothenburg, Sweden, 14 March 2016. [Google Scholar]
  198. Alebrahim, A.; Heisel, M. Towards Developing Secure Software Using Problem-Oriented Security Patterns. In Proceedings of the Availability, Reliability, and Security in Information Systems—IFIP WG 8.4, 8.9, TC 5 International Cross-Domain Conference, CD-ARES 2014 and 4th International Workshop on Security and Cognitive Informatics for Homeland Defense, SeCIHD 2014, Fribourg, Switzerland, 8–12 September 2014; pp. 45–62. [Google Scholar]
  199. Serrano, D.; Maña, A.; Sotirious, A. Towards Precise Security Patterns. In Proceedings of the 19th International Workshop on Database and Expert Systems Applications (DEXA 2008), Turin, Italy, 1–5 September 2008; pp. 287–291. [Google Scholar]
  200. Ferreira, A.; Rusu, C.; Roncagliolo, S. Usability and Security Patterns. In Proceedings of the Second International Conference on Advances in Computer-Human Interaction, ACHI 2009, Cancun, Mexico, 1–7 February 2009; pp. 301–305. [Google Scholar]
  201. Fernández, E.B.; Delessy, N.A. Using Patterns to Understand and Compare Web Services Security Products and Standards. In Proceedings of the Advanced International Conference on Telecommunications and International Conference on Internet and Web Applications and Services (AICT/ICIW 2006), Guadeloupe, French Caribbean, 19–25 February 2006; p. 157. [Google Scholar]
  202. Heckman, M.R.; Schell, R.R. Using Proven Reference Monitor Patterns for Security Evaluation. Information 2016, 7, 23. [Google Scholar] [CrossRef] [Green Version]
  203. Aziz, B.; Blackwell, C. Using Security Patterns for Modelling Security Capabilities in Grid Systems. In Proceedings of the 8th IEEE International Symposium on Service Oriented System Engineering, SOSE 2014, Oxford, UK, 7–11 April 2014; pp. 422–427. [Google Scholar]
  204. Heyman, T.; Scandariato, R.; Huygens, C.; Joosen, W. Using Security Patterns to Combine Security Metrics. In Proceedings of the The Third International Conference on Availability, Reliability and Security, ARES 2008, Technical University of Catalonia, Barcelona, Spain, 4–7 March 2008; pp. 1156–1163. [Google Scholar]
  205. Fernandez, E.B.; Yoshioka, N.; Washizaki, H.; Jurjens, J.; Van Hilst, M.; Pernu, G. Using security patterns to develop secure systems. In Software Engineering for Secure Systems: Industrial and Research Perspectives; Mouratidis, H., Ed.; IGI Global: Hershey, PA, USA, 2010; pp. 16–31. [Google Scholar]
  206. Wagner, R.; Fontoura, L.M.; Fontoura, A.B. Using Security Patterns to Tailor Software Process. In Proceedings of the 23rd International Conference on Software Engineering & Knowledge Engineering (SEKE’2011), Eden Roc Renaissance, Miami Beach, FL, USA, 7–9 July 2011; pp. 672–677. [Google Scholar]
  207. Fernandez, E.B.; Petrie, M.M.L. Using UML and security patterns to teach secure systems design. In Proceedings of the ASEE Annual Conference and Exposition, Portland, OR, USA, 12–15 June 2005; pp. 15511–15520. [Google Scholar]
  208. Kobashi, T.; Yoshioka, N.; Okubo, T.; Kaiya, H.; Washizaki, H.; Fukazawa, Y. Validating Security Design Patterns Application Using Model Testing. In Proceedings of the 2013 International Conference on Availability, Reliability and Security, ARES 2013, Regensburg, Germany, 2–6 September 2013; pp. 62–71. [Google Scholar]
  209. Yoshizawa, M.; Kobashi, T.; Washizaki, H.; Fukazawa, Y.; Okubo, T.; Kaiya, H.; Yoshioka, N. Verifying Implementation of Security Design Patterns Using a Test Template. In Proceedings of the Ninth International Conference on Availability, Reliability and Security, ARES 2014, Fribourg, Switzerland, 8–12 September 2014; pp. 178–183. [Google Scholar]
  210. Anand, P.; Ryoo, J.; Kazman, R. Vulnerability-Based Security Pattern Categorization in Search of Missing Patterns. In Proceedings of the Ninth International Conference on Availability, Reliability and Security, ARES 2014, Fribourg, Switzerland, 8–12 September 2014; pp. 476–483. [Google Scholar]
  211. Okubo, T.; Tanaka, H. Web security patterns for analysis and design. In Proceedings of the PLoP08—15th Conference on Pattern Languages of Programs, Nashville, TN, USA, 18–20 October 2008. [Google Scholar]
  212. King, A.C.; Subramanian, K.; Kanhaa, V. Wireless Information security system via role based access control pattern use case design. In Proceedings of the 2008 International Conference on Computing, Communication and Networking, ICCCN 2008, Tamil Nadu, India, 18–20 December 2008. [Google Scholar]
  213. Barhoom, T.S.; Zhang, S.S. XML context’s security patterns language: Description and syntax. Inf. Technol. J. 2007, 6, 996–1004. [Google Scholar] [CrossRef] [Green Version]
  214. Regainia, L.; Salva, S.; Ecuhcurs, C. A classification methodology for security patterns to help fix software weaknesses. In Proceedings of the 13th IEEE/ACS International Conference of Computer Systems and Applications, AICCSA 2016, Agadir, Morocco, 29 November–2 December 2016; pp. 1–8. [Google Scholar]
  215. Trubiani, C.; Ghabi, A.; Egyed, A. Exploiting traceability uncertainty between software architectural models and extra-functional results. J. Syst. Softw. 2017, 125, 15–34. [Google Scholar] [CrossRef]
  216. Motii, A.; Hamid, B.; Lanusse, A.; Bruel, J. Guiding the Selection of Security Patterns for Real-Time Systems. In Proceedings of the 21st International Conference on Engineering of Complex Computer Systems, ICECCS 2016, Dubai, United Arab Emirates, 6–8 November 2016; pp. 155–164. [Google Scholar]
  217. Anand, P.; Ryoo, J.; Kim, H. Addressing Security Challenges in Cloud Computing—A Pattern-Based Approach. In Proceedings of the 1st International Conference on Software Security and Assurance, ICSSA 2015, Suwon, Korea, 27 July 2015; pp. 13–18. [Google Scholar]
  218. Regainia, L.; Salva, S. A Methodology of Security Pattern Classification and of Attack-Defense Tree Generation. In Proceedings of the 3rd International Conference on Information Systems Security and Privacy, ICISSP 2017, Porto, Portugal, 19–21 February 2017; Mori, P., Furnell, S., Camp, O., Eds.; SciTePress: Setubal, Portugal, 2017; pp. 136–146. [Google Scholar]
  219. Amorim, T.; Martin, H.; Ma, Z.; Schmittner, C.; Schneider, D.; Macher, G.; Winkler, B.; Krammer, M.; Kreiner, C. Systematic Pattern Approach for Safety and Security Co-engineering in the Automotive Domain. In Proceedings of the Computer Safety, Reliability, and Security—36th International Conference, SAFECOMP 2017, Trento, Italy, 13–15 September 2017; pp. 329–342. [Google Scholar]
  220. Nafees, T.; Coull, N.; Ferguson, R.I.; Sampson, A.T. Idea-Caution Before Exploitation: The Use of Cybersecurity Domain Knowledge to Educate Software Engineers Against Software Vulnerabilities. In Proceedings of the Engineering Secure Software and Systems—9th International Symposium, ESSoS 2017, Bonn, Germany, 3–5 July 2017; pp. 133–142. [Google Scholar]
  221. Shin, M.E.; Gomaa, H.; Pathirage, D. Model-based Design of Reusable Secure Connectors. In Proceedings of the MODELS 2017 Satellite Event: Workshops (ModComp, ME, EXE, COMMitMDE, MRT, MULTI, GEMOC, MoDeVVa, MDETools, FlexMDE, MDEbug), Posters, Doctoral Symposium, Educator Symposium, ACM Student Research Competition, and Tools and Demonstrations co-located with ACM/IEEE 20th International Conference on Model Driven Engineering Languages and Systems (MODELS 2017), Austin, TX, USA, 17 September 2017. [Google Scholar]
  222. Salva, S.; Regainia, L. Using Data Integration for Security Testing. In Proceedings of the Testing Software and Systems—29th IFIP WG 6.1 International Conference, ICTSS 2017, St. Petersburg, Russia, 9–11 October 2017; Lecture Notes in Computer Science. Yevtushenko, N., Cavalli, A.R., Yenigün, H., Eds.; Springer: Berlin/Heidelberg, Germany, 2017; Volume 10533, pp. 178–194. [Google Scholar]
  223. Argyropoulos, N.; Mouratidis, H.; Fish, A. Supporting Secure Business Process Design via Security Process Patterns. In Proceedings of the Enterprise, Business-Process and Information Systems Modeling—18th International Conference, BPMDS 2017, Essen, Germany, 12–13 June 2017; Volume 287, pp. 19–33. [Google Scholar]
  224. Ruiz, J.F.; Arjona, M.; Maña, A.; Rudolph, C. Security knowledge representation artifacts for creating secure IT systems. Comput. Secur. 2017, 64, 69–91. [Google Scholar] [CrossRef]
  225. Sheta, M.A.; El Salam El Hadad, K.A.; AboelseoudM, H.; Zaki, M. Anti-spyware security design patterns. In Proceedings of the 2016 6th International Conference on Instrumentation and Measurement, Computer, Communication and Control, IMCCC 2016, Harbin, China, 21–23 July 2016; pp. 465–470. [Google Scholar]
  226. Mazo, R.; Feltus, C. Framework for Engineering Complex Security Requirements Patterns. In Proceedings of the 6th International Conference on IT Convergence and Security, ICITCS 2016, Prague, Czech Republic, 26 September 2016; pp. 1–5. [Google Scholar]
  227. Fernandez, E.B. Threat Modeling in Cyber-Physical Systems. In Proceedings of the 2016 IEEE 14th International Conference on Dependable, Autonomic and Secure Computing, DASC 2016, Auckland, New Zealand, 8–12 August 2016; pp. 448–453. [Google Scholar]
  228. ur Rehman, O.; Zivic, N. Secure Design Patterns for Security in Smart Metering Systems. In Proceedings of the 2015 IEEE European Modelling Symposium, EMS 2015, Madrid, Spain, 6–8 October 2015; pp. 278–283. [Google Scholar]
  229. Washizaki, H.; Fukumoto, S.; Yamamoto, M.; Yoshizawa, M.; Fukazawa, Y.; Kato, T.; Ogata, S.; Kaiya, H.; Fernández, E.B.; Kanuka, H.; et al. A Metamodel for Security and Privacy Knowledge in Cloud Services. In Proceedings of the IEEE World Congress on Services, SERVICES 2016, San Francisco, CA, USA, 27 June–2 July 2016; pp. 142–143. [Google Scholar]
  230. Fernández, E.B. Building Secure Cloud Architectures Using Patterns. In Proceedings of the 2016 IEEE International Conference on Cloud Engineering Workshop, IC2E Workshops, Berlin, Germany, 4–8 April 2016; p. 194. [Google Scholar]
  231. Ponde, P.; Shirwaikar, S.; Kreiner, C. An analytical study of security patterns. In Proceedings of the 21st European Conference on Pattern Languages of Programs, EuroPLoP 2016, Kaufbeuren, Germany, 6–10 July 2016; p. 33. [Google Scholar]
  232. Fernández, E.B.; Yoshioka, N.; Washizaki, H.; Syed, M.H. Modeling and Security in Cloud Ecosystems. Future Internet 2016, 8, 13. [Google Scholar] [CrossRef]
  233. He, X.; Fu, Y. Modeling and Analyzing Security Patterns Using High Level Petri Nets. In Proceedings of the 28th International Conference on Software Engineering and Knowledge Engineering, SEKE 2016, Redwood City, San Francisco Bay, CA, USA, 1–3 July 2016; Gou, J., Ed.; Knowledge Systems Institute Graduate School: Skokie, IL, USA, 2016; pp. 623–627. [Google Scholar]
  234. Motii, A.; Hamid, B.; Lanusse, A.; Bruel, J. Towards the integration of security patterns in UML component-based applications. In Proceedings of the Second International Workshop on Patterns in Model Engineering and the Fifth International Workshop on the Verification of Model Transformation, PAME/VOLT 2016, co-located with ACM/IEEE 19th International Conference on Model Driven Engineering Languages and Systems (MoDELS 2016), Saint-Malo, France, 2–3 October 2016; pp. 2–6. [Google Scholar]
  235. Motii, A.; Lanusse, A.; Hamid, B.; Bruel, J. Model-Based Real-Time Evaluation of Security Patterns: A SCADA System Case Study. In Proceedings of the Computer Safety, Reliability, and Security—SAFECOMP 2016 Workshops, ASSURE, DECSoS, SASSUR, and TIPS, Trondheim, Norway, 20 September 2016; Volume 9923, pp. 375–389. [Google Scholar]
  236. Horcas, J.; Pinto, M.; Fuentes, L. Automatic Enforcement of Security Properties. In Proceedings of the Trust, Privacy and Security in Digital Business—13th International Conference, TrustBus 2016, Porto, Portugal, 7–8 September 2016; pp. 19–31. [Google Scholar]
  237. Lee, K.H.; Park, Y.B. Adaption of integrated secure guide for secure software development lifecycle. Int. J. Secur. Its Appl. 2016, 10, 145–154. [Google Scholar] [CrossRef]
  238. Bunke, M. Software-security patterns: Degree of maturity. In Proceedings of the 20th European Conference on Pattern Languages of Programs, EuroPLoP 2015, Kaufbeuren, Germany, 8–12 July 2015; pp. 42:1–42:17. [Google Scholar]
  239. Motii, A.; Hamid, B.; Lanusse, A.; Bruel, J. Guiding the selection of security patterns based on security requirements and pattern classification. In Proceedings of the 20th European Conference on Pattern Languages of Programs, EuroPLoP 2015, Kaufbeuren, Germany, 8–12 July 2015; pp. 10:1–10:17. [Google Scholar]
  240. Atymtayeva, L.; Abdel-Aty, M. Improvement of security patterns strategy for information security audit applications. In Proceedings of the BMSD 2015—Proceedings of the 5th International Symposium on Business Modeling and Software Design, Milan, Italy, 6–8 July 2015; pp. 199–204. [Google Scholar]
  241. Rimba, P.; Zhu, L.; Xu, X.; Sun, D. Building Secure Applications Using Pattern-Based Design Fragments. In Proceedings of the 34th IEEE Symposium on Reliable Distributed Systems Workshop, SRDS 2015 Workshop, Montreal, QC, Canada, 28 September–1 October 2015; pp. 19–24. [Google Scholar]
  242. Yoshioka, N.; Washizaki, H.; Maruyama, K. A survey on security patterns. Prog. Inform. 2008, 5, 35–47. [Google Scholar] [CrossRef]
  243. Kearney, B.; Tryfonas, T. Security Patterns for Automated Continuous Auditing. Inf. Secur. J. A Glob. Perspect. 2008, 17, 13–25. [Google Scholar] [CrossRef]
  244. Washizaki, H.; Ogata, S.; Hazeyama, A.; Okubo, T.; Fernandez, E.B.; Yoshioka, N. Landscape of Architecture and Design Patterns for IoT Systems. IEEE Internet Things J. 2020, 7, 10091–10101. [Google Scholar] [CrossRef]
  245. Rajmohan, T.; Nguyen, P.H.; Ferry, N. Research Landscape of Patterns and Architectures for IoT Security: A Systematic Review. In Proceedings of the 46th Euromicro Conference on Software Engineering and Advanced Applications, SEAA 2020, Portoroz, Slovenia, 26–28 August 2020; pp. 463–470. [Google Scholar]
  246. Babar, M.; Zhang, H. Systematic literature reviews in software engineering: Preliminary results from interviews with researchers. In Proceedings of the Third International Symposium on Empirical Software Engineering and Measurement (ESEM), Lake Buena Vista, FL, USA, 15–16 October 2009; pp. 346–355. [Google Scholar]
  247. Washizaki, H.; Xia, T.; Kamata, N.; Fukazawa, Y.; Ogata, S.; Kaiya, H.; Tanaka, T.; Kanuka, H.; Yamaoto, D.; Yoshino, M.; et al. Taxonomy and literature survey of security pattern research. In Proceedings of the 2018 IEEE Conference on Application, Information and Network Security, AINS 2018, Langkawi, Malaysia, 21–22 November 2018; pp. 87–92. [Google Scholar]
  248. Unterkalmsteiner, M.; Feldt, R.; Gorschek, T. A Taxonomy for Requirements Engineering and Software Test Alignment. ACM Trans. Softw. Eng. Methodol. 2014, 23, 16:1–16:38. [Google Scholar] [CrossRef] [Green Version]
  249. Glass, R.L. Sorting Out Software Complexity. Commun. ACM 2002, 45, 19–21. [Google Scholar] [CrossRef]
  250. Kitchenham, B.; Brereton, O.P.; Budgen, D.; Turner, M.; Bailey, J.; Linkman, S. Systematic Literature Reviews in Software Engineering - A Systematic Literature Review. Inf. Softw. Technol. 2009, 51, 7–15. [Google Scholar] [CrossRef]
  251. dos Santos Marques, A.B.; Rodrigues, R.; Conte, T. Systematic Literature Reviews in Distributed Software Development: A Tertiary Study. In Proceedings of the 2012 IEEE Seventh International Conference on Global Software Engineering, Porto Alegre, Rio Grande do Sul, Brazil, 27–30 August 2012; pp. 134–143. [Google Scholar]
  252. Dadwal, A.; Washizaki, H.; Fukazawa, Y.; Iida, T.; Mizoguchi, M.; Yoshimura, K. Prioritization in Automotive Software Testing: Systematic Literature Review. In Proceedings of the 6th International Workshop on Quantitative Approaches to Software Quality co-located with 25th Asia-Pacific Software Engineering Conference (APSEC 2018), Nara, Japan, 4 December 2018; pp. 52–58. [Google Scholar]
  253. Washizaki, H.; Uchida, H.; Khomh, F.; Guéhéneuc, Y. Studying Software Engineering Patterns for Designing Machine Learning Systems. In Proceedings of the 10th International Workshop on Empirical Software Engineering in Practice, IWESEP 2019, Tokyo, Japan, 13–14 December 2019; pp. 49–54. [Google Scholar]
  254. The MITRE Corporation. Common Weakness Enumeration Version 3.1. 2018. Available online: https://cwe.mitre.org/ (accessed on 15 January 2021).
  255. FIRST.Org. Common Vulnerability Scoring System v3.0: Specification Document. 2015. Available online: https://www.first.org/cvss/ (accessed on 15 January 2021).
  256. Xia, T.; Washizaki, H.; Kato, T.; Kaiya, H.; Ogata, S.; Fernández, E.B.; Kanuka, H.; Yoshino, M.; Yamamoto, D.; Okubo, T.; et al. Cloud Security and Privacy Metamodel-Metamodel for Security and Privacy Knowledge in Cloud Services. In Proceedings of the 6th International Conference on Model-Driven Engineering and Software Development, MODELSWARD 2018, Funchal, Madeira, Portugal, 22–24 January 2018; SciTePress: Setubal, Portugal, 2018; pp. 379–386. [Google Scholar]
  257. Kang, K.C.; Cohen, S.G.; Hess, J.A.; Novak, W.E.; Peterson, A.S. Feature-Oriented Domain Analysis (FODA) Feasibility Study; Technical Report CMU/SEI-90-TR-21; Universitas Carnegie Mellon: Pittsburgh, PA, USA, 1990; pp. 1–148. [Google Scholar]
  258. Czarnecki, K.; Helsen, S. Classification of Model Transformation Approaches. In Proceedings of the OOPSLA Workshop on Generative Techniques in the Context of Model-Driven Architecture, Anaheim, CA, USA, 27 October 2003; pp. 1–17. [Google Scholar]
  259. Washizaki, H.; Guéhéneuc, Y.; Khomh, F. ProMeTA: A taxonomy for program metamodels in program reverse engineering. Empir. Softw. Eng. 2018, 23, 2323–2358. [Google Scholar] [CrossRef] [Green Version]
  260. Shostack, A. (Ed.) Threat Modeling: Designing for Security, 1st ed.; Wiley: Hoboken, NJ, USA, 2014. [Google Scholar]
  261. The MITRE Corporation. Common Vulnerability and Exposures. 2018. Available online: https://cve.mitre.org/ (accessed on 15 January 2021).
  262. The MITRE Corporation. Common Attack Pattern Enumeration and Classification. 2018. Available online: https://capec.mitre.org/ (accessed on 15 January 2021).
  263. Smite, D.; Wohlin, C.; Galvina, Z.; Prikladnicki, R. An Empirically Based Terminology and Taxonomy for Global Software Engineering. Empir. Softw. Eng. 2014, 19, 105–153. [Google Scholar] [CrossRef] [Green Version]
  264. Amato, F.; Mazzocca, N.; Moscato, F. Model driven design and evaluation of security level in orchestrated cloud services. J. Netw. Comput. Appl. 2018, 106, 78–89. [Google Scholar] [CrossRef]
  265. Alwakeel, A.M.; Alnaim, A.K.; Fernandez, E.B. A Survey of Network Function Virtualization Security. In Proceedings of the IEEE Southeastcon, St. Petersburg, FL, USA, 19–22 April 2018. [Google Scholar]
  266. Ali, I.; Asif, M. Applying security patterns for authorization of users in IoT based applications. In Proceedings of the 2018 International Conference on Engineering and Emerging Technologies, ICEET 2018, Lahore, Pakistan, 22–23 February 2018. [Google Scholar]
  267. Li, T.; Horkoff, J.; Mylopoulos, J. Holistic security requirements analysis for socio-technical systems. Softw. Syst. Model. 2018, 17, 1253–1285. [Google Scholar] [CrossRef]
Information 12 00036 g001 550
Figure 1. Taxonomy construction process.
Figure 1. Taxonomy construction process.
Information 12 00036 g001
Information 12 00036 g002 550
Figure 2. Feature diagram of the taxonomy (adopted from [247] with reduction of several features for simplification).
Figure 2. Feature diagram of the taxonomy (adopted from [247] with reduction of several features for simplification).
Information 12 00036 g002
Information 12 00036 g003 550
Figure 3. Breakdown of topics (adopted from [247] with updates of numbers).
Figure 3. Breakdown of topics (adopted from [247] with updates of numbers).
Information 12 00036 g003
Information 12 00036 g004 550
Figure 4. Breakdown of computing platforms (adopted from [247] with updates of numbers).
Figure 4. Breakdown of computing platforms (adopted from [247] with updates of numbers).
Information 12 00036 g004
Information 12 00036 g005 550
Figure 5. Breakdown of tools and automation (adopted from [247] with updates of numbers).
Figure 5. Breakdown of tools and automation (adopted from [247] with updates of numbers).
Information 12 00036 g005
Information 12 00036 g006 550
Figure 6. Breakdown of the security characteristics (adopted from [247] with updates of numbers).
Figure 6. Breakdown of the security characteristics (adopted from [247] with updates of numbers).
Information 12 00036 g006
Information 12 00036 g007 550
Figure 7. Papers referencing the intended development methodology (adopted from [247] with updates of numbers).
Figure 7. Papers referencing the intended development methodology (adopted from [247] with updates of numbers).
Information 12 00036 g007
Table
Table 1. Phases targeted by security pattern research.
Table 1. Phases targeted by security pattern research.
PhaseNumber of Papers
Design123
Analysis68
Implementation37
Any18
Development14
Test7
Operation6
Maintenance5
Modeling5
Run4
Deployment3
Evolution3
Verification2
Evaluation1
Integration1
Disposal1
Table
Table 2. Major security patterns mentioned in at least ten papers (adopted from [247] with updates of numbers and descriptions).
Table 2. Major security patterns mentioned in at least ten papers (adopted from [247] with updates of numbers and descriptions).
Security PatternNumber of Appearances
Role-Based Access Control (RBAC)49
Authorization34
Authentication23
Access control21
Authenticator21
Secure logger19
Check point17
Reference monitor15
Secure pipe14
Single access point13
Authentication enforcer11
Attribute-Based Access Control (ABAC)10
Encrypted Storage10
Firewall10
Replicated system10
Table
Table 3. Appearances of attack patterns in at least two papers (adopted from [247] with updates of numbers and descriptions).
Table 3. Appearances of attack patterns in at least two papers (adopted from [247] with updates of numbers and descriptions).
Attack PatternNumber of Appearances
Spoofing6
Denial-of-service (DoS)5
Misuse5
Information disclosure4
Injection4
Tampering4
Malicious Virtual Machine Migration3
Elevation of privilege2
Integrity2
Message secrecy violation2
Repudiation2
Resource usage monitoring2
Session state poisoning2
Theft of services2
Table
Table 4. Pattern modeling notation.
Table 4. Pattern modeling notation.
GroupExampleNumber of Papers
UMLClass/Activity diagram104 (43.3%)
Goal orientedi* (i-star), KAOS, threat tree13 (5.4%)
FormalZ notation, formula12 (5.0%)
Natural languageText, structured document12 (5.0%)
OriginalOriginal notations6 (2.5%)
OthersProcess model, XML, OWL65 (27.1%)
Not specified 77 (32.1%)
Table
Table 5. Classification of latest papers: Purpose and Research implementation.
Table 5. Classification of latest papers: Purpose and Research implementation.
PaperTopicPhasePlatformToolEvaluation
[264]ApplicationDesignCloudModel-driven developmentExample
[265]SurveyDesignCloud
[266]ApplicationDesignIoT
[267]ApplicationAnalysisGoal-oriented modelingCase study
Table
Table 6. Classification of latest papers: Quality.
Table 6. Classification of latest papers: Quality.
PaperVulnerabilityCharacteristicMeasurement
[264]Integrity, AvailabilitySecurity level
[265]Vulnerabilities, threatsConfidentiality, Integrity, Availability
[266]Confidentiality
[267]STRIDE, threatsConfidentiality, Integrity, Availability
Table
Table 7. Classification of latest papers: Pattern.
Table 7. Classification of latest papers: Pattern.
PaperSecurity PatternAttack Pattern
[264]Protection Reverse Proxy
[265]Authorization, Authentication, Logging/Auditing
[266]Reference Monitor, Role Based Access Control (RBAC), Remote Authenticator/Authorizer, Matrix Authentication, File Authentication
[267]Alternative service, Client Checking, Separation of Duty, Certification authority, Supervision Relation, Access Control, Auditing, Input Guard, Server sandbox, Firewall, Replicated System, Load Balancer, Limited View, Full View with Errors, Secure Access Layer, Secure Pipe, Storage Encryption, Equipment siting and protection, Supporting Utility, Physical Entry Control, Cabling security
Table
Table 8. Classification of latest papers: Method.
Table 8. Classification of latest papers: Method.
PaperMethodologyModelingRelationship
[264]Model-drivenUML, Operational Flow Language
[265]UML
[266]
[267]Goal-oriented requirements engineeringGoal-oriented model
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Share and Cite

MDPI and ACS Style

Washizaki, H.; Xia, T.; Kamata, N.; Fukazawa, Y.; Kanuka, H.; Kato, T.; Yoshino, M.; Okubo, T.; Ogata, S.; Kaiya, H.; et al. Systematic Literature Review of Security Pattern Research. Information 2021, 12, 36. https://0-doi-org.brum.beds.ac.uk/10.3390/info12010036

AMA Style

Washizaki H, Xia T, Kamata N, Fukazawa Y, Kanuka H, Kato T, Yoshino M, Okubo T, Ogata S, Kaiya H, et al. Systematic Literature Review of Security Pattern Research. Information. 2021; 12(1):36. https://0-doi-org.brum.beds.ac.uk/10.3390/info12010036

Chicago/Turabian Style

Washizaki, Hironori, Tian Xia, Natsumi Kamata, Yoshiaki Fukazawa, Hideyuki Kanuka, Takehisa Kato, Masayuki Yoshino, Takao Okubo, Shinpei Ogata, Haruhiko Kaiya, and et al. 2021. "Systematic Literature Review of Security Pattern Research" Information 12, no. 1: 36. https://0-doi-org.brum.beds.ac.uk/10.3390/info12010036

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop