Securing distributed systems using patterns: A survey

Driven by expanding scientific computing and business enterprise needs, the last decade has seen a shift toward software paradigms in which distribution plays a central role. The increasing size, complexity and heterogeneity of the corresponding systems is accompanied by an increase of security vulnerabilities that require mitigation via combined security and software engineering strategies. In this respect security patterns, which build on the success of design patterns and software patterns more generally, are a tool of great value. In this paper we comprehensively survey the state-of-the-art in securing distributed systems using (security) patterns, considering both relevant patterns and methodologies for applying them. In the first part of the survey, we provide detailed reviews of our selected security patterns, classify the patterns using a multi-dimensional scheme and evaluate them according to a set of quality categories. This highlights deficiencies in the reviewed patterns and provides a basis for identifying new or “missing” patterns and pattern classes. The newly identified and surveyed patterns are a step forward in defining a pattern language for distributed computing. In the second part of the survey, we briefly review a number of pattern-based security methodologies and evaluate their maturity and appropriateness for securing distributed systems.