Security pattern

Last updated April 25, 2023

Security patterns can be applied to achieve goals in the area of security. All of the classical design patterns have different instantiations to fulfill some information security goal: such as confidentiality, integrity, and availability. Additionally, one can create a new design pattern to specifically achieve some security goal.

Existing security pattern

The pattern community has provided a collection of security patterns, which were discussed in workshops at Pattern Languages of Programs (PLoP) conferences. They have been unified and published in a joint project.^[1]

The Open Group provides a set of documented security patterns.

Available system patterns

These are patterns that are concerned with the availability of the assets. The assets are either services or resources offered to users.

Check-pointed system pattern describes a design to use replication (computer science) and recover when a component fails.
Standby pattern has the goal to provide a fall back component able to resume the service of the failing component.
Comparator-checked fault tolerant system pattern provides a way to monitor the failure-free behavior of a component.
Replicated system pattern describes a design of redundant components, and a means of load balancing and redirection in between to decrease the chance of non-availability of the service.
Error detection/correction pattern has the goal to deduce errors and possibly correct them to guarantee correct information exchange or storage.

Protected system patterns

This is a set of patterns concerned with the confidentiality and integrity of information by providing means to manage access and usage of the sensitive data.

The protected system pattern provides some reference monitor or enclave that owns the resources and therefore must be bypassed to get access. The monitor enforces as the single point a policy. The GoF refers to it as "Protection Proxy".

The policy pattern is an architecture to decouple the policy from the normal resource code. An authenticated user owns a security context (erg. a role) that is passed to the guard of resource. The guard checks inside the policy whether the context of this user and the rules match and provides or denies access to the resource.

The authenticator pattern is also known as the Pluggable Authentication Modules or Java Authentication and Authorization Service (JAAS).

Subject descriptor pattern
Secure Communication is similar to Single sign-on, RBAC
Security Context is a combination of the communication protection proxy, security context and subject descriptor pattern.
Security Association is an extension of the secure communication pattern.
Secure Proxy pattern can be used for defense in depth.

Security patterns for Java EE, XML Web Services and Identity Management^[2]

This is a set of security patterns evolved by Sun Java Center – Sun Microsystems engineers Ramesh Nagappan and Christopher Steel, which helps building end-to-end security into multi-tier Java EE enterprise applications, XML-based Web services, enabling identity management in Web applications including single sign-on authentication, multi-factor authentication, and enabling Identity provisioning in Web-based applications.

Authentication Enforcer pattern can be used to manage and delegate authentication processes
Authorization Enforcer pattern can be used to manage and delegate authorization processes
Intercepting Validator pattern helps performing security validation for input data from clients
Secure Base Action pattern shows centralizing handling of security tasks in a base action class
Secure Logger pattern can be used to log sensitive data and ensuring tamper-proof storage
Secure Session Manager shows securely centralizing session information handling
Web Agent Interceptor pattern shows how to use an interceptor mechanism to provide security for Web applications
Obfuscated Transfer Object pattern shows how to protect data passed around in transfer objects and between application tiers
Audit Interceptor pattern shows to capture security-related events to support logging and auditing
Message Inspector pattern shows verification and validation of XML message-level security mechanisms, such as XML Signature and XML Encryption in conjunction with a security token.
Message Interceptor Gateway pattern shows a single entry point solution for centralization of security enforcement for incoming and outgoing XML Web Service messages. It helps to apply transport-level and message-level security mechanisms required for securely communicating with a Web services endpoint.
Secure Message Router pattern facilitates secure XML communication with multiple partner endpoints that adopt message-level security. It acts as a security intermediary component that applies message-level security mechanisms to deliver messages to multiple recipients where the intended recipient would be able to access only the required portion of the message and remaining message fragments are made confidential.
Single Sign-On (SSO) Delegator pattern describes how to construct a delegator agent for handling a legacy system for single sign-on (SSO).
Assertion Builder pattern defines how an identity assertion (for example, authentication assertion or authorization assertion) can be built.
Credential Synchroniser pattern describes how to securely synchronize credentials and principals across multiple applications using Identity provisioning

Related Research Articles

Remote Authentication Dial-In User Service (RADIUS) is a networking protocol that provides centralized authentication, authorization, and accounting (AAA) management for users who connect and use a network service. RADIUS was developed by Livingston Enterprises in 1991 as an access server authentication and accounting protocol. It was later brought into IEEE 802 and IETF standards.

<span class="mw-page-title-main">Public key infrastructure</span> System that can issue, distribute and verify digital certificates

A public key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. The purpose of a PKI is to facilitate the secure electronic transfer of information for a range of network activities such as e-commerce, internet banking and confidential email. It is required for activities where simple passwords are an inadequate authentication method and more rigorous proof is required to confirm the identity of the parties involved in the communication and to validate the information being transferred.

Simple Authentication and Security Layer (SASL) is a framework for authentication and data security in Internet protocols. It decouples authentication mechanisms from application protocols, in theory allowing any authentication mechanism supported by SASL to be used in any application protocol that uses SASL. Authentication mechanisms can also support proxy authorization, a facility allowing one user to assume the identity of another. They can also provide a data security layer offering data integrity and data confidentiality services. DIGEST-MD5 provides an example of mechanisms which can provide a data-security layer. Application protocols that support SASL typically also support Transport Layer Security (TLS) to complement the services offered by SASL.

Web Services Security is an extension to SOAP to apply security to Web services. It is a member of the Web service specifications and was published by OASIS.

<span class="mw-page-title-main">Internet security</span> Branch of computer security

Internet security is a branch of computer security. It encompasses the Internet, browser security, web site security, and network security as it applies to other applications or operating systems as a whole. Its objective is to establish rules and measures to use against attacks over the Internet. The Internet is an inherently insecure channel for information exchange, with high risk of intrusion or fraud, such as phishing, online viruses, trojans, ransomware and worms.

Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single ID to any of several related, yet independent, software systems.

Java Authentication and Authorization Service, or JAAS, pronounced "Jazz", is the Java implementation of the standard Pluggable Authentication Module (PAM) information security framework. JAAS was introduced as an extension library to the Java Platform, Standard Edition 1.3 and was integrated in version 1.4.

Security Assertion Markup Language is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is an XML-based markup language for security assertions. SAML is also:

The IP Multimedia Subsystem or IP Multimedia Core Network Subsystem (IMS) is a standardised architectural framework for delivering IP multimedia services. Historically, mobile phones have provided voice call services over a circuit-switched-style network, rather than strictly over an IP packet-switched network. Alternative methods of delivering voice (VoIP) or other multimedia services have become available on smartphones, but they have not become standardized across the industry. IMS is an architectural framework that provides such standardization.

The Generic Security Service Application Program Interface is an application programming interface for programs to access security services.

Internet Authentication Service (IAS) is a component of Windows Server operating systems that provides centralized user authentication, authorization and accounting.

Security Assertion Markup Language (SAML) is an XML standard for exchanging authentication and authorization data between security domains. SAML is a product of the OASIS (organization) Security Services Technical Committee.

PERMIS is a sophisticated policy-based authorization system that implements an enhanced version of the U.S. National Institute of Standards and Technology (NIST) standard Role-Based Access Control (RBAC) model. PERMIS supports the distributed assignment of both roles and attributes to users by multiple distributed attribute authorities, unlike the NIST model which assumes the centralised assignment of roles to users. PERMIS provides a cryptographically secure privilege management infrastructure (PMI) using public key encryption technologies and X.509 Attribute certificates to maintain users' attributes. PERMIS does not provide any authentication mechanism, but leaves it up to the application to determine what to use. PERMIS's strength comes from its ability to be integrated into virtually any application and any authentication scheme like Shibboleth (Internet2), Kerberos, username/passwords, Grid proxy certificates and Public Key Infrastructure (PKI).

Web Services Enhancements (WSE) is an obsolete add-on to the Microsoft .NET Framework, which includes a set of classes that implement additional WS-* web service specifications chiefly in areas such as security, reliable messaging, and sending attachments. Web services are business logic components which provide functionality via the Internet using standard protocols such as HTTP. Web services communicate via either SOAP or REST messages. WSE provides extensions to the SOAP protocol and allows the definition of custom security, reliable messaging, policy, etc. Developers can add these capabilities at design time using code or at deployment time through the use of a policy file.

OAuth is an open standard for access delegation, commonly used as a way for internet users to grant websites or applications access to their information on other websites but without giving them the passwords. This mechanism is used by companies such as Amazon, Google, Facebook, Microsoft, and Twitter to permit the users to share information about their accounts with third-party applications or websites.

Security token service (STS) is a cross-platform open standard core component of the OASIS group's WS-Trust web services single sign-on infrastructure framework specification.^cf. Within that claims-based identity framework, a secure token service is responsible for issuing, validating, renewing and cancelling security tokens. The tokens issued by security token services can then be used to identify the holder of the token to services that adhere to the WS-Trust standard. Security token service provides the same functionality as OpenID, but unlike OpenID is not patent encumbered. Together with the rest of the WS-Trust standard, the security token service specification was initially developed by employees of IBM, Microsoft, Nortel and VeriSign.

OpenAM is an open-source access management, entitlements and federation server platform. Now it is supported by Open Identity Platform Community.

Security Assertion Markup Language (SAML) is a set of specifications that encompasses the XML-format for security tokens containing assertions to pass information about a user and protocols and profiles to implement authentication and authorization scenarios. This article has a focus on software and services in the category of identity management infrastructure, which enable building Web-SSO solutions using the SAML protocol in an interoperable fashion. Software and services that are only SAML-enabled do not go here.

IMS is a set of specifications to offer multimedia services through IP protocol. This makes it possible to incorporate all kinds of services, such as voice, multimedia and data, on an accessible platform through any Internet connection.

<span class="mw-page-title-main">Web API security</span>

Web API security entails authenticating programs or users who are invoking a web API.

References

↑ Markus Schumacher, Eduardo Fernandez-Buglioni, Duane Hybertson, Frank Buschmann, Peter Sommerlad. Security Patterns: Integrating Security and Systems Engineering, Wiley Series in Software Design Patterns, 2005.
↑ Ramesh Nagappan, Christopher Steel. Core Security Patterns: Best Practices and Strategies for J2EE, Web Services and Identity Management, Prentice Hall, 2005.

External links

N. Yoshioka, H. Washizaki, K. Maruyama, A survey on security patterns, Progress in Informatics, No. 5 pp. 35–47, (2008)
The Open Group Security Pattern Guide
Microsoft Patterns and Practices Group
Ramesh Nagappan, Security Patterns for J2EE Applications, Web Services, Identity Management, and Service Provisioning

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] Markus Schumacher, Eduardo Fernandez-Buglioni, Duane Hybertson, Frank Buschmann, Peter Sommerlad. Security Patterns: Integrating Security and Systems Engineering, Wiley Series in Software Design Patterns, 2005.

[2] Ramesh Nagappan, Christopher Steel. Core Security Patterns: Best Practices and Strategies for J2EE, Web Services and Identity Management, Prentice Hall, 2005.

[1]

[2]