Skip to main content
SpringerLink
Log in

Secure Middleware Patterns

  • Conference paper
Cyberspace Safety and Security (CSS 2012)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7672))

Included in the following conference series:

Abstract

Middleware typically includes a set of functions that provide services to distributed applications. To design middleware architectures, developers often employ architectural patterns – solutions to recurring software problems. In general these patterns do not contain any security features, however, it is possible to make secured versions of them using experience or by considering security threats and countermeasures in real-life implementations. Using this inductive approach we have built up a catalog of such (compound security) patterns for middleware. They can be used by developers early in the software development life-cycle to efficiently determine a set of relevant security requirements. In this paper we continue the same line of work to secure the Wrapper Façade and Distributed Publish/Subscribe patterns, extending the inductive approach from before with a deductive approach based on a use-case driven threat analysis. We document the resulting Secure Façade compound pattern briefly, and the Secure Publish/Subscribe in more detail.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Buschmann, F., Meunier, R., Rohnert, H., Sommerland, P., Stal, M.: Pattern- oriented software architecture. Wiley (1996)

    Google Scholar 

  2. Kircher, M., Jain, P.: Pattern-oriented software architecture. Patterns for Resource Management, vol. 3. Wiley (2004)

    Google Scholar 

  3. Schmidt, D., Stal, M., Rohnert, H., Buschmann, F.: Pattern-Oriented Software Architecture. Patterns for Concurrent and Networked Objects, vol. 2. John Wiley & Sons, West Sussex (2000)

    MATH  Google Scholar 

  4. Uzunov, A.V., Fernandez, E.B., Falkner, K.: Securing distributed systems using patterns: A survey. Computers & Security 31, 681–703 (2012)

    Article  Google Scholar 

  5. Fernandez, E.B., Washizaki, H., Yoshioka, N.: Abstract security patterns. In: Procs. of the 2nd Workshop on Software Patterns and Quality (SPAQu 2008) (Position paper), in Conjunction with the 15th Conf. on Pattern Languages of Programs (PLoP), Nashville, TN (2008)

    Google Scholar 

  6. Voelter, M., Kircher, M., Zdun, U.: Remoting Patterns: Foundations of Enterprise, Internet and Realtime Distributed Object Middleware. Wiley (2005)

    Google Scholar 

  7. Anderson, R.: Corba Security Service Specification, OMG (2001), http://www.omg.org/docs/formal/02-03-11.pdf

  8. Belapurkar, A., Chakrabarti, A., Ponnapalli, H., Varadarajan, N., Padmanabhuni, S., Sundarrajan, S.: Distributed Systems Security: Issues, Processes and Solutions. Wiley (2009)

    Google Scholar 

  9. Kaufman, C., Perlman, R., Speciner, M.: Network Security, 2nd edn. Prentice-Hall (2002)

    Google Scholar 

  10. Fernandez, E.B., Larrondo Petrie, M.M.: Securing design patterns for distributed systems. In: Xiao, Y. (ed.) Security in Distributed, Grid, and Pervasive Computing, ch. 3, pp. 53–66. Auerbach Pubs., Taylor & Francis Group, LLC (2007)

    Google Scholar 

  11. Morrison, P., Fernandez, E.B.: Securing the Broker pattern. In: Procs. of the 11th European Conf. on Pattern Languages of Programs, EuroPLoP (2006)

    Google Scholar 

  12. Fernandez, E.B., Ortega-Arjona, J.L.: The Secure Pipes and Filters pattern. In: Procs. of the Third Int. Workshop on Secure System Methodologies Using Patterns (Spattern) (2009)

    Google Scholar 

  13. Ortega-Arjona, J.L., Fernandez, E.B.: The Secure Blackboard pattern. In: Procs. 15th Int. Conference on Pattern Languages of Programs, PLoP (2008)

    Google Scholar 

  14. Fernandez, E.B., Ortega-Arjona, J.L.: Securing the Adapter pattern. In: Procs. of the OOPSLA MiniPLoP (2009)

    Google Scholar 

  15. Delessy, N., Fernandez, E.B.: The Secure MVC pattern. Accepted for the First International Symposium on Software Architecture and Patterns, In: Conjunction with the 10th Latin American and Caribbean Conference for Engineering and Technology (LACCEI), Panama City, Panama, July 23-27 (2012)

    Google Scholar 

  16. Fernandez, E.B., Fonoage, M., VanHilst, M., Larrondo-Petrie, M.M.: The secure three-tier architecture. In: Procs. of the Second Workshop on Engineering Complex Distributed Systems (ECDS 2008), Barcelona, Spain, pp. 555–560 (2008)

    Google Scholar 

  17. Fernandez, E.B., Yoshioka, N., Washizaki, H.: Two patterns for distributed systems: Enterprise Service Bus (ESB) and Distributed Publish/Subscribe. In: 18th Conference on Pattern Languages of Programs, PLoP (2011)

    Google Scholar 

  18. Fernandez, E.B., VanHilst, M., Larrondo Petrie, M.M., Huang, S.: Defining Security Requirements Through Misuse Actions. In: Ochoa, S.F., Roman, G.-C. (eds.) Advanced Software Engineering: Expanding the Frontiers of Software Technology. IFIP, pp. 123–137. Springer US (2006)

    Google Scholar 

  19. Fernandez, E.B., Larrondo-Petrie, M.M., Sorgente, T., VanHilst, M.: A methodology to develop secure systems using patterns. In: Mouratidis, H., Giorgini, P. (eds.) Integrating Security and Software Engineering: Advances and Future Vision, pp. 107–126. IDEA Press (2006)

    Google Scholar 

  20. Fernandez, E.B.: Security Patterns in Practice: Building Secure Architectures using Software Patterns, 1st edn. Wiley Series on Software Design Patterns. Wiley (to appear)

    Google Scholar 

  21. Gamma, E., Helm, R., Johnson, R., Vlissides, J.: Design patterns: elements of reusable object-oriented software. Addison-Wesley, Boston (1994)

    MATH  Google Scholar 

  22. Eugster, P.T., Felber, P.A., Guerraoui, R., Kermarrec, A.-M.: The many faces of publish/subscribe. ACM Comput. Surv. 35, 114–131 (2003)

    Article  Google Scholar 

  23. Braga, A., Rubira, C., Dahab, R.: Tropyc: A pattern language for cryptographic object-oriented software. In: Harrison, N., Foote, B., Rohnert, H. (eds.) Pattern Languages of Program Design 4, ch. 16. Addison-Wesley (1998)

    Google Scholar 

  24. Schumacher, M., Fernandez, E.B., Hybertson, D., Buschmann, F., Sommerlad, P.: Security Patterns: Integrating security and systems engineering. Wiley Series in Software Design Patterns. Wiley (2006)

    Google Scholar 

  25. Zou, X., Ramamurthy, B., Magliveras, S.S.: Secure Group Communications Over Data Networks, 1st edn. Springer (2005)

    Google Scholar 

  26. Brown, F.L., Divietri, J., De Villegas, G.D., Fernandez, E.B.: The Authenticator Pattern. In: Procs. of PLoP 1999 (1999)

    Google Scholar 

  27. Hashizume, K., Fernandez, E.B., Huang, S.: Digital Signature with Hashing and XML Signature patterns. In: Procs. 14th European Conf. on Pattern Languages of Programs, EuroPLoP (2009)

    Google Scholar 

  28. Priebe, T., Fernandez, E.B., Mehlau, J., Pernul, G.: A pattern system for access control. In: Farkas, C., Samarati, P. (eds.) Research Directions in Data and Applications Security XVIII, pp. 235–249. Springer (2004)

    Google Scholar 

  29. Uzunov, A.V., Fernandez, E.B., Falkner, K.: A software engineering approach to authorization in distributed, collaborative systems using security patterns and security solution frames (submitted for publication)

    Google Scholar 

  30. Delessy, N., Fernandez, E.B., Larrondo-Petrie, M.M., Wu, J.: Patterns for Access Control in Distributed Systems. In: Proceedings of the 14th Pattern Languages of Programs Conference (PLoP), Monticello, Illinois, USA (2007)

    Google Scholar 

  31. Wong, W., Verdi, F., Magalhaes, M.: A security plane for publish/subscribe based content oriented networks. In: Procs. ACM CoNEXT (2008)

    Google Scholar 

  32. Ssekibuule, R.: Secure Publish-Subscribe Mediated Virtual Organizations. In: Procs. ISSA (2010), http://icsa.cs.up.ac.za/issa/2010/Proceedings/Full/18_Paper.pdf

  33. Srivatsa, J., Liu, L.: Securing publish-subscribe overlay services with Event Guard. In: Procs. 12th ACM Conference on Computer and Communications Security (CCS), pp. 289–298. ACM (2005)

    Google Scholar 

  34. Pesonen, L.I.W., Eyers, D.M., Bacon, J.: Access Control in Decentralised Publish/Subscribe Systems. J. Netw. 2, 57–67 (2007)

    Google Scholar 

  35. Osmani, A.: Patterns For Large-Scale JavaScript Application Architecture, http://addyosmani.com/largescalejavascript/

  36. OWASP, Security Analysis of Core J2EE Design Patterns Project/BusinessTier, https://www.owasp.org/index.php/Category:OWASP_Security_Analysis_of_Core_J2EE_Design_Patterns_Project/BusinessTier

  37. Peltz, C.: Applying Design Issues and Patterns in Web Services, http://www.devx.com/enterprise/Article/10397/1954

  38. Fernandez, E.B., Mujica, S., Valenzuela, F.: Two security patterns: Least Privilege and Secure Logger/Auditor. In: Procs. AsianPLoP (2011)

    Google Scholar 

  39. Harrison, N.B., Avgeriou, P.: How do architecture patterns and tactics interact? A model and annotation. J. Syst. Softw. 83, 1735–1758 (2010)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dept. of Comp. Science and Eng., Florida Atlantic University, Boca Raton, FL, 33431, USA

    Eduardo B. Fernandez

  2. School of Computer Science, University of Adelaide, Adelaide, SA, 5005, Australia

    Anton V. Uzunov

Authors
  1. Eduardo B. Fernandez
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Anton V. Uzunov
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Information Technology, Deakin University, 221 Burwood Highway, 3125, Burwood, VIC, Australia

    Yang Xiang  & Wanlei Zhou  & 

  2. Computer Science Department, ETSI Informatica, University of Malaga, Campus de Teatinos, 29170, Malaga, Spain

    Javier Lopez

  3. Ming Hsieh Department of Electrical Engineering, University of Southern California, 3740 McClintock Ave., 90089-2564, Los Angeles, CA, USA

    C.-C. Jay Kuo

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Fernandez, E.B., Uzunov, A.V. (2012). Secure Middleware Patterns. In: Xiang, Y., Lopez, J., Kuo, CC.J., Zhou, W. (eds) Cyberspace Safety and Security. CSS 2012. Lecture Notes in Computer Science, vol 7672. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35362-8_35

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-35362-8_35

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-35361-1

  • Online ISBN: 978-3-642-35362-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation