Defining Security Architectural Patterns Based On Viewpoints

Recently, there has been a growing interest in identifying security patterns in software-intensive systems since they provide techniques for considering, detecting and solving security issues from the beginning of its development life-cycle. This paper describes how security architectural patterns lack of a comprehensive and complete well-structured documentation that conveys essential information of its logical structure, run-time behaviour, deployment-time and monitoring configuration, and so on. Thus we propose a set of security viewpoints to describe software-intensive security patterns adhered to ANSI/IEEE 1471-2000. In order to maximize comprehensibility, we make use of well-known language notations such as UML to represent all the necessary information for defining a software-intensive architectural security pattern conforming to the IEEE 1471-2000 standard. We investigate security architectural patterns from several IEEE 1471-2000 compliant viewpoints.