Security Patterns na aula de 3a

[Fabio Kon <kon*ime:usp:br>]

Oi Gente,

É com satisfação que anuncio que na aula de 3a teremos uma visita  
ilustre. O Prof. Eduardo Fernandez da Florida Atlantic University  
estará vindo para o Simpósio de Segurança no ITA para dar um tutorial  
sobre "Secure Systems Design Using UML". O Prof. Fernandez é a maior  
autoridade mundial em padrões para segurança de sistemas de software  
e lançou um livro sobre isso em 2006.

Para tanto, ele vai passar um dia em São Paulo e eu o peguei para dar  
uma aula para vocês que vai ser muito boa! Não Percam!

Por favor, não cheguem atrasados em respeito ao nosso convidado  
internacional.

[]s,
fabio.
>            			                     Security patterns
>
>                                                      Eduardo B.  
> Fernandez
>
>                                       Dept. of Computer Science and  
> Engineering
>
>                                                    Florida Atlantic  
> University
>
>                                                        Boca Raton,  
> FL, USA
>
>                                                   http:// 
> www.cse.fau.edu/~ed
>
>
>
> Abstract
>
> Analysis and design patterns are well established as a convenient  
> and reusable way to build high-quality object-oriented software.  
> Patterns combine experience and good practices to develop basic  
> models that can be used for new designs. Security patterns join the  
> extensive knowledge accumulated about security with the structure  
> provided by patterns to provide guidelines for secure system design  
> and evaluation.  A variety of security patterns has been developed  
> for the construction of secure systems. We classify and survey some  
> of these patterns. We can apply these patterns through a secure  
> system development method that uses different mechanisms based on a  
> hierarchical architecture whose layers define the scope of each  
> security mechanism. We are building a catalog of security patterns  
> that helps in defining the security mechanisms at each  
> architectural level and at each development stage. In addition to  
> their value for new system design, security patterns are useful to  
> evaluate existing systems by analyzing if they include specific  
> patterns or not. They are also useful to compare security standards  
> and to verify that products comply with the standard. Finally, we  
> have found security patterns very valuable for teaching security  
> concepts and mechanisms.
>
>
>
> Eduardo B. Fernandez (Eduardo Fernandez-Buglioni) is a professor in  
> the Department of Computer Science and Engineering at Florida  
> Atlantic University in Boca Raton, Florida. He has published  
> numerous papers on authorization models, object-oriented analysis  
> and design, and security patterns. He has written four books on  
> these subjects, the most recent being a book on security patterns..  
> He has lectured all over the world at both academic and industrial  
> meetings. He has created and taught several graduate and  
> undergraduate courses and industrial tutorials. His current  
> interests include security patterns and web services security. He  
> holds a MS degree in Electrical Engineering from Purdue University  
> and a Ph.D. in Computer Science from UCLA. He is a Senior Member of  
> the IEEE, and a Member of ACM. He is an active consultant for  
> industry, including assignments with IBM, Allied Signal, Motorola,  
> Lucent, and others. More details can be found at http:// 
> www.cse.fau.edu/~ed