Blakley et al., 2004

Owned by David Doret (Open Measure), created
Last updated: 06-27-2021
2 min read

Technical Guide G031: Security Design Patterns

Type

Report

Year

2004

Authors

Blakley, B., Heath, C., members of The Open Group Security Forum

Identifiers

  • ISBN: 1-931624-27-5

Abstract

The Open Group Security Forum decided to develop design patterns for information security design because its members saw that a new, more flexible approach to security architecture is needed.

There is a long history of The Open Group creating security specifications, providing structural guidelines, and defining application programming interface definitions (APIs) in C and other languages.

This approach no longer addresses the real needs of security system architects and designers, because:

• Most information systems are already in existence.
• The C language is decreasingly relevant as the useful way to express interface definitions.
• In modern software design the designers need instructional guidance that is language independent; not prescriptive definitions written in C or any other programming language.

Design patterns are language-independent, flexible, adaptable, and scalable to all information system design problems.

This Technical Guide provides a pattern-based security design methodology and a system of security design patterns. This methodology, with the pattern catalog, enables system architects and designers to develop security architectures which meet their particular requirements. The introductory chapters of this Technical Guide provide background information on the design patterns approach to software architecture, describe how patterns are discovered and documented, and explain how to use patterns to design security into a system.

It is inherent in the nature of design patterns that they evolve with experience, and the security design patterns in this Technical Guide are no exception. It is therefore possible that a second edition will be forthcoming over time. We welcome feedback, which should be sent to OGSpecs@opengroup.org and will be included in preparation of a future edition. We also invite parties interested in working with us on progressing a future edition to get in touch using the same email address.

(https://open-measure.atlassian.net/wiki/spaces/BIB/pages/1290764873, p. vi)

Citation

Blakley, B., Heath, C., members of The Open Group Security Forum, 2004. Security Design Patterns (Technical Guide No. G031). The Open Group.

Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.

This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.