Abstract

Security patterns describe best practices for handling recurring security problems. Each pattern is presented in a description form, a template whose sections (for example Motivation, Problem, or Solution) capture the pattern's specific properties. Many security patterns exist, and the description forms used to present them differ widely. This heterogeneity hinders comparing security patterns, understanding and applying them in software design, and using them in tools intended to support pattern selection during the software development process. Some researchers call for a single, uniform description form; others propose description forms with new sections that capture security-specific aspects. To assess whether additional security-specific facets are actually needed, we examine existing descriptions of software-security patterns in depth. We compare the sections used in software-security pattern publications with the common GoF and POSA design pattern templates to identify sections used beyond those templates. We then align these additional sections of software-security patterns with the sections of the aforementioned description forms. Finally, we scan the additional sections to identify those that possibly capture security-specific properties.
