Hironori Washizaki, Tian Xia, Natsumi Kamata, Yoshiaki Fukazawa, Hideyuki Kanuka, Dan Yamaoto, Masayuki Yoshino, Takao Okubo, Shinpei Ogata, Haruhiko Kaiya, Takehisa Kato, Atsuo Hazeyama, Takafumi Tanaka, Nobukazu Yoshioka, G Priyalakshmi, “Taxonomy and Literature Survey of Security Pattern Research,” IEEE Conference on Applications, Information and Network Security (AINS), Langkawi, Malaysia, November 21-22, 2018
Security patterns encapsulate security-related problems and solutions that recur in certain contexts for secure software system development and operations. Almost 500 security patterns have been proposed since the late 1990s. Technical investigations on their applications have advanced implementation, but the direction, overall picture, and significant technical challenges remain unclear. In this study, we propose a taxonomy for security pattern research by conducting a systematic literature review. The taxonomy is expected to guide practitioners to choose existing security pattern methods and tools. In addition, the taxonomy should support communication among practitioners and researchers, and improve security pattern research and the effectiveness of security patterns. Over 200 papers are categorized based on the taxonomy. The survey result should further improve security pattern research and the effectiveness of security patterns.