Share Your Research, Maximize Your Social Impacts
Main Menu
Searching By
PARTNERS
SPattern 2012 - International Workshop on Secure systems methodologies using patterns (SPattern)
Topics/Call fo Papers
Security patterns have arrived to a stage where there are a significant number of them, two books about them have been published, and industry is starting to accept and use them. Analysis and design patterns have been around for about fifteen years and have found practical use in many projects; they have been incorporated into several software development methodologies where less experienced developers can use them to receive the advice and knowledge of experts. The situation is not so clear for security patterns because no accepted methodology exists for their use and their naming has not been unified. In spite of their value, it is not clear how much they are actually used in practice.
Catalogs of security patterns are a good step, but they are not enough. Building secure systems is a difficult process where security aspects are interlaced with the satisfaction of functional requirements as well as other non-functional requirements. Developers are typically experts on a language or a development methodology but know little about security, which results in them not knowing what security mechanisms make sense at which moments. We need methodologies that guide a designer at each stage of the development cycle. A few of them have appeared, but none of them has been tested in production applications. We still need more patterns to build more complete catalogs. Unification of pattern catalogs is becoming urgent because the several existing repositories confuse the designers. Tool support is also important for their acceptance.
Related patterns are also important, i.e. reliability and safety patterns. Usability is an important aspect is some cases.
Topics of interest comprise but are not limited to:
Methodologies to build secure systems using patterns
New aspects of existing methodologies
Tradeoffs or combinations between security and other requirements expressed as patterns, e.g. reliable security patterns or secure reliability patterns.
New security patterns
New types of security-related patterns, e.g. misuse or attack patterns
Pattern languages
Classification of security patterns
Tool support for security patterns
Secure reference architectures
Usability aspects
Experiences in applying security patterns
Catalogs of security patterns are a good step, but they are not enough. Building secure systems is a difficult process where security aspects are interlaced with the satisfaction of functional requirements as well as other non-functional requirements. Developers are typically experts on a language or a development methodology but know little about security, which results in them not knowing what security mechanisms make sense at which moments. We need methodologies that guide a designer at each stage of the development cycle. A few of them have appeared, but none of them has been tested in production applications. We still need more patterns to build more complete catalogs. Unification of pattern catalogs is becoming urgent because the several existing repositories confuse the designers. Tool support is also important for their acceptance.
Related patterns are also important, i.e. reliability and safety patterns. Usability is an important aspect is some cases.
Topics of interest comprise but are not limited to:
Methodologies to build secure systems using patterns
New aspects of existing methodologies
Tradeoffs or combinations between security and other requirements expressed as patterns, e.g. reliable security patterns or secure reliability patterns.
New security patterns
New types of security-related patterns, e.g. misuse or attack patterns
Pattern languages
Classification of security patterns
Tool support for security patterns
Secure reference architectures
Usability aspects
Experiences in applying security patterns
Other CFPs
- International Workshop on Security and Cognitive Informatics for Homeland Defense (SeCIHD)
- 11th International Symposium on Pervasive Systems, Algorithms, and Networks (I-SPAN 2011)
- 2011 International Workshop on Assistive Engineering and Information Technologies (AEIT2011).
- First International Workshop on Highlights of Cloud Computing (HighCloud 2011)
- 14th IEEE International Conference on Ubiquitous Computing and Communications (IUCC-2012)
Last modified: 2011-11-16 20:26:26