Improving the usability of security patterns through a centralized repository




Lehker, Jean-Michel

Security patterns represent reusable security practices that can be applied to a specific problem in order to generate a solution. The reuse of existing practices both decreases the time spent on solving a problem and improves the quality of the product by applying tried-and-tested solutions. In the wild, security patterns are documented in many forms and come from many sources. This increases the difficulty of locating the most appropriate pattern(s) for a situation. I address this issue by creating a security pattern repository that not only stores and manages these patterns, but can also link a particular pattern with a set of CWE (Common Weakness Enumeration) entries. Furthermore, I propose a design for a study to better understand how software engineers search for patterns, and to apply the resulting information to our search engine.


