Special issue: The future of software engineering for security and privacy Progress in Informatics, No. 5, pp.35–47, (2008) 35 Survey Paper A survey on security patterns Nobukazu YOSHIOKA 1 , Hironori WASHIZAKI 2 , and Katsuhisa MARUYAMA 3 1,2 National Institute of Informatics 2 The Graduate University for Advanced Studies 3 Department of Computer Science, Ritsumeikan University ABSTRACT Security has become an important topic for many software systems. Security patterns are reusable solutions to security problems. Although many security patterns and techniques for using them have been proposed, it is still difficult to adapt security patterns to each phase of software development. This paper provides a survey of approaches to security patterns. As a result of classifying these approaches, a direction for the integration and future research topics is illustrated. KEYWORDS Security, software engineering, design patterns, security patterns, refactoring 1 Introduction In the face of an increasing number of business ser- vices on open networks and distributed platforms, secu- rity issues have become critical. Devanbu et al. stated this as follows [1]: “Security concerns must inform every phase of software development, from requirements engineering to design, implementation, test- ing, and deployment.” It is difficult to do so, however, because not all soft- ware engineers are security specialists and there are many concerns in security. Patterns are reusable pack- ages incorporating expert knowledge. Specifically, a pattern represents a frequently recurring structure, be- havior, activity, process, or “thing” during the software development process. A security pattern includes secu- rity knowledge and is reusable as a security package. Recently, many security patterns have been pro- posed. Nevertheless, it is still difficult to adapt security patterns to each phase of software development. In this paper, we survey current security patterns and offer a classification of them. This then leads us into a num- ber of problems and an indication of potential future Received October 2, 2007; Revised December 3, 2007; Accepted January 7, 2008. 1) nobukazu@nii.ac.jp, 2) washizaki@nii.ac.jp, 3) maru@cs.ritsumei.ac.jp research directions for security patterns. This paper is structured as follows. Section 2 defines security concepts as used in this paper. Section 3 de- scribes various security patterns from the development phase viewpoint. Then, we discuss the problems and potential research directions in section 4. Finally, we conclude this paper in section 5. 2 Background of security This section defines security concepts and describes security patterns. 2.1 Security concepts The following are general security concepts and def- initions, based on the definitions in [2]: Asset: Information or resources that have value to an organization or person. Stakeholder: An organization or person who places a particular value on assets. Security objective: A statement of intent to counter threats and satisfy identified security needs. Threat: A potential for harm of an asset. Attack: An action intended to violate the security of an asset. Attacker: An entity that carries out attacks. Vulnerability: A flaw or weakness that could be ex- ploited to breach the security of an asset. DOI: 10.2201/NiiPi.2008.5.5 c 2008 National Instiute of Informatics