Title: Designing Secure Architectures using Security Patterns
Time & Date: 13:00-14:30, 14:45-16:15, July 18 2008
Place: Lecture room 1 on 20F, NII
Speaker: Eduardo B. Fernandez, Florida Atlantic University, USA
Abstract:
Patterns combine experience and good practices to develop basic models that can be used for new designs. Security patterns join the extensive knowledge accumulated about security with the structure provided by patterns to provide guidelines for secure system design and evaluation. We consider the structure and purpose of security patterns, show a variety of security patterns, and illustrate their use in the construction of secure systems. These patterns include Authentication, Authorization, Role-based Access Control, Firewalls, Web Services Security, and application-oriented secure architectures for health, legal, and financial applications. We introduce patterns in a conceptual way, relating them to their functions and to the system architecture; pure enumerations are not useful to designers. We show how to apply these patterns through a secure system development method. The patterns are shown using UML models and some examples are taken from my book "Security Patterns" (Wiley, 2006).
Topics:
- Security concepts
- Attacks/threats
- Security patterns
- Security models
- Application security
- Operating systems
- Network patterns
- Distribution and web services
- A methodology to build secure architectures
Biography:
Eduardo B. Fernandez is a professor in the Department of Computer Science and Engineering at Florida Atlantic University, Boca Raton, Florida. He has published numerous papers on security models and object-oriented analysis/design. He has lectured all over the world at both academic and industrial meetings. His current interests include patterns for object-oriented design and security patterns. He holds an MS degree in Electrical Engineering from Purdue University and a Ph.D. in Computer Science from UCLA. He is a Senior Member of the IEEE and a Member of ACM. He is an active consultant for industry. More details: http://www.cse.fau.edu/~ed