Secure Middleware Patterns

Middleware typically includes a set of functions that provide services to distributed applications. To design middleware architectures, developers often employ architectural patterns – solutions to recurring software problems. In general these patterns do not contain any security features, however, it is possible to make secured versions of them using experience or by considering security threats and countermeasures in real-life implementations. Using this inductive approach we have built up a catalog of such (compound security) patterns for middleware. They can be used by developers early in the software development life-cycle to efficiently determine a set of relevant security requirements. In this paper we continue the same line of work to secure the Wrapper Façade and Distributed Publish/Subscribe patterns, extending the inductive approach from before with a deductive approach based on a use-case driven threat analysis. We document the resulting Secure Façade compound pattern briefly, and the Secure Publish/Subscribe in more detail.