En Praktisk Anvendelse af Sikkerhedspatterns: Adgangskontrol for et Opslagstavlesystem

Frederik Ahlberg-Bøghave & Lasse Gjerulff Petersen

Studenteropgave: Speciale

Abstrakt

Security patterns extend Gang of Four’s notion of Design Patterns to provide proven
solutions to recurring security issues. By taking advantage of the benefits of utilizing
patterns, Security Patterns enable novices within it-security to design effective solutions.
Only there is very little evidence for the proposed advantages of patterns. This study seeks
to provide qualitative and explorative insight into the use and potential benefits of using
Security Patterns. This is accomplished through the design and implementation of
Role-Based Access Control in a digital signage system characterized as a
webapplication-webservice-architecture. The developed software product is evaluated using
code inspection methodology, to establish the quality of the implementation. The reasons for
the product quality, and the experiences using Security Patterns is then studied through the
reflective use of a development journal. Through this, we observe that the abstractness of
the utilized pattern was the source of issues trying to adapt the pattern to the context, and
translate it into the relational model. The study concludes by summarizing the experienced
issues and how they relate to some of the supposed advantages of using patterns. Further
research might focus on replicating the experiences we have had, thus confirming the
issues, as well as trying to mitigate them.

UddannelserDatalogi, (Bachelor/kandidatuddannelse) Kandidat
SprogDansk
Udgivelsesdato1 jun. 2018
Antal sider49
VejledereNiels Jørgensen

Emneord

  • Security Pattern
  • Design Pattern
  • Evaluation