Building Secure Cloud Architectures Using Patterns

摘要

Patterns abstract good practices to define basic models that can be used to build new systems and evaluate existing systems. Security patterns join the extensive knowledge accumulated about security with the structure provided by patterns to provide guidelines for secure system requirements, design, and evaluation. We built a catalog of over 100 security patterns, which is still growing. We complement these patterns with misuse patterns, which describe how an attack is performed from the point of view of the attacker and describe how it can be stopped. We integrate patterns in the form of security reference architectures (SRAs) and we extend them to their ecosystems. We show how to build a SRA for clouds and their ecosystems. The use of patterns can provide a holistic view of security, which is a fundamental principle to build secure systems. The patterns and reference architectures are shown using UML models and examples are taken from my two books on security patterns as well as from my recent publications.