Abstract

Current approaches for software development fail in the integration of security aspects. Usually, this is because of the software complexity and the specific expertise needed for the integration of modern security solutions. In this paper we present the SERENITY Project which proposes a framework addressing this issue. SERENITY is based on the separation of the development of security solutions from the development of secure software supported by these security solutions. Both developments, security solutions and secure applications, are centered on the use of libraries of precise descriptions of reusable security solutions stored in the form of security patterns. This approach fits very well with new emerging scenarios such as ambient intelligence, ubiquitous computing, grids, etc. In this paper we present the development of a secure application based on these ideas, in order to do that, we introduce an Application Programming Interface (API) specially designed for use SERENITY advantages.