Problem Frames and Architectures for Security Problems

  • Denis Hatebur
  • Maritta Heisel
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3688)


We present several problem frames that serve to structure, characterize and analyze software development problems in the area of software and system security. These problem frames constitute patterns for representing security problems, variants of which occur frequently in practice. Solving such problems starts with the development of an appropriate software architecture. To support that process, we furthermore present architectural patterns associated with the problem frames. We illustrate our approach by the example of an electronic purse card.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bass, L., Clements, P., Kazman, R.: Software Architecture in Practice. Addison-Wesley, Reading (1998)Google Scholar
  2. 2.
    Blakley, B., Heath, C.: Technical Guide: Security Design Patterns. The Open Group (April 2004),
  3. 3.
    Buschmann, F., Meunier, R., Rohnert, H., Sommerlad, P., Stal, M.: Pattern-Oriented Software Architecture: A System of Patterns. John Wiley & Sons, Chichester (1996)Google Scholar
  4. 4.
    Choppy, C., Hatebur, D., Heisel, M.: Architectural patterns for problem frames. In: IEE Proceedings – Software, Special issue on Relating Software Requirements and Architecture (2005) (To appear)Google Scholar
  5. 5.
    Gamma, E., Helm, R., Johnson, R., Vlissides, J.: Design Patterns – Elements of Reusable Object-Oriented Software. Addison Wesley, Reading (1995)Google Scholar
  6. 6.
    Jackson, M.: Problem Frames. Analyzing and structuring software development problems. Addison-Wesley, Reading (2001)Google Scholar
  7. 7.
    Jackson, M., Zave, P.: Deriving specifications from requirements: an example. In: Proceedings 17th Int. Conf. on Software Engineering, Seattle, USA, pp. 15–24. ACM Press, New York (1995)Google Scholar
  8. 8.
    Lin, L., Nuseibeh, B., Ince, D., Jackson, M., Moffett, J.: Introducing abuse frames for analysing security requirements. In: Proceedings of 11th IEEE International Requirements Engineering Conference (RE 2003), pp. 371–372 (2003), Poster PaperGoogle Scholar
  9. 9.
    Pfleeger, C.P.: Security in Computing. Prentice-Hall, Englewood Cliffs (1996)Google Scholar
  10. 10.
    Rottke, T., Hatebur, D., Heisel, M., Heiner, M.: A problem-oriented approach to common criteria certification. In: Anderson, S., Bologna, S., Felici, M. (eds.) SAFECOMP 2002. LNCS, vol. 2434, pp. 334–346. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  11. 11.
    Shaw, M., Garlan, D.: Software Architecture. Perspectives on an Emerging Discipline. Prentice-Hall, Englewood Cliffs (1996)Google Scholar
  12. 12.
    UML Revision Task Force. OMG UML Specification,

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Denis Hatebur
    • 1
  • Maritta Heisel
    • 2
  1. 1.Universität Duisburg-Essen and Institut für technische Systeme GmbH 
  2. 2.Fachbereich IngenieurwissenschaftenUniversität Duisburg-EssenGermany

Personalised recommendations