Abstract

Authentication Design Patterns provide promising design solutions for software architects to address security risks early in the development process. Despite their potential, he limited guidance in selecting appropriate patterns hinders their practical application. In this regard, Constraint-based Recommender Systems (CBRS) can be utilised to support architects in selecting suitable AuthN DPs that align with their specific requirements. However, to operationalise this approach, reusable knowledge is needed, with which AuthN DPs can be compared with each other. To address this limitation, this thesis proposes a property classification approach to model AuthN DPs through characteristic properties. Following the Design Science Research methodology, we conducted a focused literature review to identify properties and then systematically analysed them, leading to the development of a metamodel outlining the taxonomy of AuthN DP property models. The categorical properties specified by this metamodel can easily be utilised by a CBRS for straightforward comparisons between AuthN DPs. Furthermore, the metamodel outlines an abstraction hierarchy of quality properties, which enables systematic assessment at each abstraction level. To this end, we provide example metrics for each quality property hierarchy and demonstrate the applicability of this approach for metric-based evaluations and comparision of AuthN DPs. This classification approach lays the foundation for the implementation of Knowledge Bases for AuthN DPs that support their recommendation process and enable their evaluation.

Resources

• Thesis report