
Conception of a security design pattern catalog for constraint-based recommender systems



Statement of responsibility
presented by Dominik Lammers

Imprint
Aachen : RWTH Aachen University 2025

Extent
1 online resource : illustrations


Master's thesis, RWTH Aachen University, 2024

Published on the publication server of RWTH Aachen University 2025


Approving faculty
Fak01

Main reporter/Reviewer
; ;

Date of oral examination/habilitation
2024-12-12

Online
DOI: 10.18154/RWTH-2025-04642
URL: https://publications.rwth-aachen.de/record/1011656/files/1011656.pdf

Institutions

  1. Lehr- und Forschungsgebiet Softwarekonstruktion (121620)
  2. Fachgruppe Informatik (120000)

Subject classification
DDC: 004

Abstract
In the rapidly evolving digital landscape, the security of software systems has become paramount. However, a critical shortage of security experts makes it challenging to adequately protect these systems. Security patterns provide proven solutions to recurring security problems, helping architects design secure systems. Despite their potential, their practical use remains limited due to the lack of security-relevant information necessary for secure implementation and the limited guidance in selecting appropriate patterns. This thesis addresses these limitations by introducing the Security Design Pattern Description Metamodel, which enables the creation of Security Design Patterns (SDPs) that incorporate essential security information and explicit pattern relationships. To assist architects in selecting suitable SDPs, we introduce the SDP Knowledge Bases Metamodel, which enables Constraint-based Recommender Systems (CBRSs) to recommend appropriate SDPs. Our methodology involves analyzing security solutions in open source software to identify essential elements that can contribute to the practical use of SDPs. Based on these findings, we iteratively developed concrete SDPs and knowledge bases, capturing their elements and relationships within co-evolving metamodels. The metamodels are validated through application examples, namely OpenID Connect Authentication and Password-based Authentication. These examples show how pattern relationships and important security-relevant information, such as data requirements, can be effectively represented in SDPs to facilitate the implementation of secure systems. In addition, a synthetic recommendation example illustrates the effective use of knowledge bases in a CBRS. By decoupling the pattern description and selection process, this thesis makes security patterns accessible to a broader audience and provides a foundation for advancing research in secure software design.


Document type
Master Thesis

Format
online

Language
English

Internal identification numbers
RWTH-2025-04642
Record ID: 1011656

Participating countries
Germany


The record appears in these collections:
Document types > Theses > Master Theses
Publication server / Open Access
Faculty of Computer Science (Fac.9)
Public records
Publications database
120000
121620

 Record created 2025-05-13, last modified 2025-09-30

