• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Jeanne Boyarsky
  • Tim Cooke
Sheriffs:
  • Liutauras Vilda
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Frits Walraven
Bartenders:
  • Piet Souris
  • Himai Minh

security design pattern

 
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
what is the need of security design pattern?
what r the concepts used for the same?
 
Author
Posts: 159
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
In simpler terms - A "Security Pattern" is a reusable design solution to a recurring "security-related" problem.

In a security design process, "Security Patterns" allows to represent a proven solution and helps architects and developers to communicate security knowledge using a common vocabulary and to identify risks that have been traditionally identified only by prototyping experience. The Security patterns can be an architectural solution or a defensive strategy illustrating how a security problem can be resolved.

Adopting Security patterns, depends upon your understanding of security domain, how you identify risks and vulnarabilities in your application design. Before choosing Security patterns, you must follow a Structured Security design methodology that includes risk analysis and trade-off analysis.

For more details, I would suggest you to read the "Free Sample Chapter" and "Patterns Catalog" downloadable from the book Web site.

If you have the book, Refer to Chapters 8 through 14, dedicated for "Security Patterns and Best Practices".

Hope this helps.

/Ramesh
 
Greenhorn
Posts: 23
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Bhaskar,
Patterns are, in general, a proven software technique for capturing recurring problems and solving them in a standard way. They reduce time in the development cycle by providing the common terminology and implementation strategy that allows developers to coomunicate the problem and implement it in a reusable fashion. The patterns in the our book are focused on solving recurring security problems in J2EE and Web Services-based applications. You don't have to use them, but you will most likely end up trying to solve the same problems that they describe. If you choose not use them (or similiar industry patterns), you will just end up re-inventing the wheel. And that may be O.K., depending on your situation. If you want develop software quickly and have it maintained by others, using patterns is a good idea. If you need to sit around and justify time by reinventing solutions, using patterns is not a good idea.
 
Let me tell you a story about a man named Jed. He made this tiny ad:
Free, earth friendly heat - from the CodeRanch trailboss
https://www.kickstarter.com/projects/paulwheaton/free-heat
reply
    Bookmark Topic Watch Topic
  • New Topic