Proceedings Article10.1145/1415472.1415483
The credentials pattern
Patrick Morrison,Eduardo B. Fernandez +1 more
- 21 Oct 2006
- pp 9
TL;DR: Credentials is described, which provides secure means of recording authentication and authorization information for use in distributed systems.
read more
Abstract: In this paper we describe Credentials, which provide secure means of recording authentication and authorization information for use in distributed systems.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Securing distributed systems using patterns: A survey
TL;DR: This paper comprehensively survey the state-of-the-art in securing distributed systems using (security) patterns, considering both relevant patterns and methodologies for applying them, and identifies new or ''missing'' patterns and pattern classes.
60
Organizing Security Patterns Related to Security and Pattern Recognition Requirements
Michaela Bunke,Rainer Koschke,Karsten Sohr +2 more
- 30 Jun 2012
TL;DR: This work identifies missing aspects in existing classifications and the similarities between design and security pattern classification and introduces two new classification schemes based on application domains formed by a literature survey on security patterns published in the period of 1997 to mid-2012.
Abstract security patterns
Eduardo B. Fernandez,Hironori Washizaki,Nobukazu Yoshioka +2 more
- 18 Oct 2008
TL;DR: This work introduces the concept of "abstract" security patterns that deal with abstract security mechanisms, rather than concrete implementations, and shows an organization of abstract security patterns and concrete ones into hierarchies.
Security solution frames and security patterns for authorization in distributed, collaborative systems
TL;DR: This paper presents a comprehensive, pattern-oriented software engineering approach to authorization for general distributed systems - with particular applicability to distributed collaborative systems - that allows developers to build custom, application-specific conceptual authorization models in a simple yet extensible manner.
28
Patterns for session-based access control
Eduardo B. Fernandez,Günther Pernul +1 more
- 21 Oct 2006
TL;DR: This work presents the Controlled Access Session pattern for describing how sessions can limit the rights of a user, and considers a pattern for Session-Based Role-Based Access Control, intended for organizations in which job functions form the basis for privilege assignments.
References
•Book
Core Security Patterns: Best Practices and Strategies for J2EE, Web Services, and Identity Management
Christopher Steel,Ramesh Nagappan,Ray Lai +2 more
- 14 Oct 2005
TL;DR: The Rationale Secure UP Security Patterns for J2EE, Web Services, Identity Management, and Service Provisioning Reality Checks Security Testing Adopting a Security Framework Refactoring Security Design Service Continuity and Recovery Conclusion References V.
254
A pattern language for security models
Eduardo B. Fernandez,Rouyi Pan +1 more
- 01 Jan 2001
TL;DR: Three patterns that correspond to the most common models for security are discussed: Authorization, Role-Based Access Control, and Multilevel Security, which can be applied in all the levels of the system.
A Pattern System for Access Control
Torsten Priebe,Eduardo B. Fernandez,Jens Ingo Mehlau,Günther Pernul +3 more
- 01 Jan 2004
TL;DR: A set of patterns that include a basic authorization pattern that is the basis for patterns for the well-established discretionary and role-based access control models are presented.
The Authenticator Pattern
F. Lee,James DiVietri,Graziella Diaz de Villegas,Eduardo B. Fernandez +3 more
- 01 Jan 1999
TL;DR: The Authenticator pattern describes a general mechanism for providing identification and authentication to a server from a client using an authentication negotiation object which then provides the protected object only after authentication is successful.
A Pattern Language for Identity Management
Nelly A. Delessy,Eduardo B. Fernandez,Maria M. Larrondo-Petrie +2 more
- 04 Mar 2007
TL;DR: An architectural pattern for identity management is defined that centralizes the administration of a security domain's subjects and allows to federate multiple identities across multiple organizations under a common identity.
41
Related Papers (5)
Torsten Priebe,Eduardo B. Fernandez,Jens Ingo Mehlau,Günther Pernul +3 more
- 01 Jan 2004
Eduardo B. Fernandez,Rouyi Pan +1 more
- 01 Jan 2001
Nelly A. Delessy,Eduardo B. Fernandez,Maria M. Larrondo-Petrie +2 more
- 04 Mar 2007