Pattern Classification System Essay

2.4.2 Pattern Classification and Categories

In order to apply a pattern for a specific problem, it is imperative to locate the right pattern. This necessitates that software developers must read and understand every pattern in order to select the appropriate one. Pattern selection will be easier of patterns are classified into groups of related patterns so that it is easier to choose from the group. Developing a classification scheme involves identifying useful criteria on the basis of which patterns can be classified. Buschmann et al. (1996) have identified the essential properties that any classification scheme should have. These are:

i. It should be simple and easy to learn. ii. It should consist of only a few classification criteria.

Buschmann et al. (1996) classified patterns into three categories: architectural patterns, design patterns and idioms based on the phases in the software development lifecycle. Architectural patterns specify the fundamental structure of the system (for example LAYERS, DISTRIBUTED SYSTEMS). Design patterns give details regarding communications between subsystems (for example ACCESS CONTROL, PUBLISHER-SUBSCRIBER). Idioms are low level implementation patterns. Gamma et al. (1994) used two criteria, purpose and scope to classify 23 patterns into three categories: creational, structural and behavioral. Creational patterns are related to object creation (for example, ABSTRACT FACTORY, SINGLETON). Structural patterns are related to compositions or structures that are implemented in a software (for example, ADAPTER, COMPOSITE). Behavioral patterns are concerned with the assignment of responsibilities between objects or encapsulating behavior in an object and delegating requests to it (for example, INTERPRETER,

The key asset of an Information System is the information which it generates, stores, processes and disseminates. Information Security is the practice of defending this information from unauthorized or illegal access, disclosure, disruption, modification or destruction in order to provide confidentiality, integrity, and availability (CNSS, 2010). ISO/IEC (2016) defines Information security as - “The preservation of confidentiality, integrity, and availability of information. In addition, other properties, such as authenticity, accountability, non-repudiation, and reliability can also be involved." The foundations of security rest on the three fundamental principles or security attributes of Confidentiality, Integrity, and Availability (Commission of European Communities, 1991). These are also called the CIA triad. Confidentiality is the property which prevents disclosure of information to unauthorized individuals, entities or processes. Integrity means protecting the information from being modified in an unauthorized manner. Availability means the information is available to the intended users when required. Apart from these three concepts, five other attributes have been included as an extension to the CIA triad. These are Accountability, Auditability, Authenticity, Non-repudiation, and Privacy. Access control deals with mechanisms to control access to