Using security patterns to model and analyze security requirements

Design patterns propose generic solutions to recurring design problems. Commonly, they present a solution in a well-structured form that facilitates its reuse in a different context. Recently, there has been growing interest in identifying pattern-based designs for the domain of system security termed Security Patterns. Currently, those patterns lack comprehensive structure that conveys essential information inherent to security engineering. This thesis describes research into investigating an appropriate template for Security Patterns that is tailored to meet the needs of secure system development. In order to maximize comprehensibility, we make use of well-known notations such as the Unified Modeling Language (UML) to represent structural and behavioral aspects of design. Furthermore, we investigate how verification can be enabled by adding formal constraints to the patterns.