Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type


Publication Date


Security Design Refinement Through Mapping Tactics to Patterns

  • This presentation was created for a conference series or symposium and does not necessarily reflect the positions and views of the Software Engineering Institute.
  • Abstract

    Tactics are a set of generic design primitives that underlie software architecture design. Security tactics are a principled starting point in designing a secure software architecture. Because they are primitives, security tactics are inherently abstract. It is up to individual software architects, on their own, to refine these tactics to more specific design decisions. For this reason, they need guidance to facilitate and regularize this refinement process.

    One form of this guidance is to provide explicit mappings between tactics and security patterns, which are refinements of security tactics: less abstract and closer to code. Identifying concrete relationships between tactics and patterns will save architects (who are not, in general, security experts) the trouble of drawing such links themselves. Such predefined mappings may also prevent architects from making incorrect refinements from tactics to patterns, and from there into code.

    This participatory session will begin by introducing and familiarizing participants with the concepts of software security, security tactics, and security patterns. Then we will proceed to a group activity. The purposes of this hands-on exercise include

    • empowering participants to customize their own security tactics hierarchy and security pattern collection
    • teaching participants the mechanics of the tactics-refinement process so that they can conduct their own refinement process in the future
  • Download

Part of a Collection

SATURN 2016 Presentations