File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Security and the fly likes Hi Chris and Ramesh : Why we need patterns for security? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "Hi Chris and Ramesh : Why we need patterns for security?" Watch "Hi Chris and Ramesh : Why we need patterns for security?" New topic
Author

Hi Chris and Ramesh : Why we need patterns for security?

Hemant Agarwal
Ranch Hand

Joined: Nov 21, 2005
Posts: 138
What is the need for having patterns for security?
How much time it will take to learn these patterns?
Ramesh Nagappan
Author
Ranch Hand

Joined: May 06, 2003
Posts: 159
In simpler terms - A "Security Pattern" is a reusable design solution to a recurring "security-related" problem.

In a security design process, "Security Patterns" allows to represent a proven solution and helps architects and developers to communicate security knowledge using a common vocabulary and to identify risks that have been traditionally identified only by prototyping experience. The Security patterns can be an architectural solution or a defensive strategy illustrating how a security problem can be resolved.

Adopting Security patterns, depends upon your understanding of security domain, how you identify risks and vulnarabilities in your application design. Before choosing Security patterns, you must follow a Structured Security design methodology that includes risk analysis and trade-off analysis.

For more details, I would suggest you to read the "Free Sample Chapter" and "Patterns Catalog" downloadable from the book Web site.

If you have the book, Refer to Chapters 8 through 14, dedicated for "Security Patterns and Best Practices".

Hope this helps.

/Ramesh


Ramesh Nagappan CISSP<br />Co-Author of "Core Security Patterns"<br />nramesh@post.harvard.edu<br /><a href="http://www.coresecuritypatterns.com" target="_blank" rel="nofollow">www.coresecuritypatterns.com</a>
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Hi Chris and Ramesh : Why we need patterns for security?
 
Similar Threads
This Weeks Giveaway
List of Security Patterns for SCEA 5.0
Why the front controller changed from servlet to Filter?
Core Security patterns book for J2EE
Books about Java security