Design Patterns for Secure Software Development | by 4kCode

´´Each pattern describes a problem which occurs over and over again in our environment, and then describes the core of the solution to that problem, in such a way that you can use this solution a million times over, without ever doing it the same way twice.´´ Cristopher Alexander

Security in software development has become a crucial research area, mainly because of recent events that exposed security vulnerabilities in major systems. Security is defined as a non-functional requirement(NFR) and engineered into systems late in the design process or after implementation. That is why a systems results less maintainable and trustworthy when putting an organization’s information at risk.

Software design patterns are the solution to issues that appear during the design process and they are meant to be ready applicable and save time for software development. The notion of design pattern has been addressed by the architect Cristopher Alexander in his project related to reusable strategies for architecting space and structure. His definition of patterns refers to recurring practices in structural composition. His concept of patterns has been applied to the development of graphical user interfaces in an object-oriented language.

From a software development point of view a design pattern is formed by four elements. These elements include a pattern name, a problem described by a set of scenarios, a solution about how a pattern can be implemented and a discussion of the consequences of applying that pattern. Patterns can also be grouped to form a pattern language. In the context of software development a pattern language refers to a software framework or families of related systems. These systems should help a software fulfill functional and non-functional requirements. In order to be considered a pattern system, the collection of patterns should meet five requirements:

• Comprise a sufficient base of patterns
• Describe all patterns uniformly
• Expose the various relationships between patterns
• Support the construction of software systems
• Support its own evolution

In software development, design patterns are used to provide guidelines for the resolution of commonly occurring problems. They make use of class diagrams or visual representation that represent the core of a generalized solution. This method focuses on areas around the Model-View-Controller (MVC) pattern. This pattern separates an application design for instance into common developer roles such as back-end components, user interface, design and interfacing with functionality between these.

As a conclusion, we have determined how software design patterns can be used to solve security concepts and principles. By designing a model with additional software security placed strategically, the components of a secure design may be observed.