A Novel Approach for the Development and Deployment of Security Patterns

In this paper, we address the problems related to the applicability and useability of security patterns. In this context, we propose a new approach based on aspect-oriented programming (AOP) for security patterns development, specification and deployment. Our approach allows the security experts to deliver their security patterns that describe the steps and actions required for security solutions, including detailed information on how and where to integrate each one of them. It also provides the pattern users with the capabilities to deploy well defined security solutions. The pattern users are required to have knowledge in AOP with minimal expertise in the corresponding security solution domain. Moreover, we design and implement the RBAC (Role Based Access Control) model for a Library Circulation system called RBAC-LB. The elaborated RBACLB model illustrates all the procedures and mechanisms of the approach phases and provides authentication/access control features for the library system.