Security pattern lattice: A formal model to organize security patterns

Except for some work in classifying Security Patterns (SP) based on taxonomy and linguistic metaphors not much has been done in organizing SP. No suitable formal model for organization of security patterns is yet available. In this paper, exploiting results from Formal Concept Analysis (FCA) a formal model to organize SP is introduced. Using a trust-based security model, Trust Elements (TE) and SP are enumerated. These elements and patterns are treated as formal concepts leading to a Security Pattern Lattice SPL and organized as a concept lattice to generate the security pattern lattice. Within such a model the patterns are categorized using the FCA technique of scaling.