KNOWLEDGE REPRESENTATION OF SECURITY DESIGN PATTERN LANDSCAPE USING FORMAL CONCEPT ANALYSIS

Abstract

Security design patterns are proven solutions to recurring security problems. They are classified into various categories, each containing a set of attributes. However, the large number of patterns and classification schemes makes it difficult to choose a pattern for a given security problem. To apply patterns effectively, there must be a systematic method of organizing the patterns, so that it is possible to look up a design pattern unambiguously according to its purpose. While a lot of research focuses on developing new patterns and classifications, these issues have not been adequately addressed. In this paper, we present a novel approach of applying Formal Concept Analysis (FCA) on a chosen set of patterns classified according to a common set of attributes. The resulting concept lattice can be used for mining knowledge from the concepts, identifying pattern groups, and their relationships with the goal of applying appropriate patterns to security requirements. We propose the use of FCA over conventional data analysis methods for the simplicity of data preparation, the discovery of hidden knowledge, and cluster interpretation, with a visual representation of the pattern domain