Analysis of Application of Security Patterns to Build Secure Systems

摘要

Both new technology business models and the new tendencies in the field of computing are forcing organizations to undergo a constant evolution in order to maintain their competitiveness in markets. This evolution has led to a continuous remodeling of companies 'systems to enable them to adapt to the new needs. These changes increase these systems' complexity, making them more vulnerable. Computer attacks against organizations are therefore increasing considerably. If this is to be avoided, information security engineers need reliable and validated solutions with which to confront security problems, along with agile solutions to confront the new technological necessities in an optimal manner. Security patterns are good mechanisms with which to perform this task since they provide documented, validated and tested solutions to recurring problems. In this paper we carry out an analysis of those proposals that use security patterns to build secure systems when this task is performed in the information systems of a real organization, with the objective of detecting any shortcomings and new needs.