B. Example Security Patterns and Annotations

Abstract

In this Chapter we present two examples for security patterns which have initially been presented at EuroPLoP 2002 [200]. In contrast to the original paper, we present a few patterns here in an often-used pattern form which is similar to Alexander’s original template: Each pattern is divided into three parts which are separated by three diamond symbols(\(\diamondsuit\) \(\diamondsuit\) \(\diamondsuit\) \(\diamondsuit\)). Hereby, name and context create the introductory part, problem statement, forces and solution build the central part and the references to other patterns present the closing part.

Each pattern begins with a name (i.e.the heading of the section). The next few sentences are in a “you” form. They describe a context in which you may or may not find yourself. If you don’t find yourself in such a context, the pattern probably isn’t relevant for you. Then we provide a brief description of the problem in bold face (highlighting core elements of the pattern instead of giving them separate headings increases the readability). Afterwards, a number of forces that must be considered are discussed (now with a regular font face). The next section begins with a bold face “Therefore” and contains the core of the solution. This may be followed by additional information about the pattern, how the forces are resolved and how to use or implement the pattern. Finally, we include references to related patterns.

We followed the convention that each pattern should start at a new page. That way, it can be identified more easily. After the presentation of the pattern examples, we show how they could be annotated according to our theoretical model. The original patterns submitted to EuroPLoP were more structured and less prose (as we wanted to prove our point that security standards can be used for pattern mining). Thus, they were not as readable as the rewritten pattern in this chapter. With our approach we can reach both goals. The patterns remain prose and are still readable as we followed a template with limited structure. However, as we can annotate the patterns accordingly, we define both syntax and semantics of the patterns more precisely and in a machine-readable form. That way we can show how the added values of the patterns are now available for improved search and retrieval.