Design Patterns and Refactoring for Online Security

Design Patterns and Refactoring for Online Security
Table of contents:

Key words
Literature review


The current study focuses on the development of the effective online security system and possible improvements that can enhance existing online security systems. In actuality, the problem of poor online security affects many companies as well as average users, whereas in the future, the problem will aggravate, if nothing is done to enhance online security. The study used interviews and questionnaires involving IT specialists to reveal effective ways to improve online security. In this respect, the development of new security design patterns and refactoring proved to be quite effective because they can help consistently to improve the online security.

Key words: security design patterns, refactoring, online security


In actuality, the problem of the development of an effective online security system is one of the major challenges to contemporary IT specialists as well as specialists operating in the field of high technologies and modern telecommunication systems. As the matter of fact, the emergence of Internet and the rapid development of online business along with the fast development of modern telecommunication systems raised the problem of the online security. In fact, the modern society has failed to come prepared to the modern digital era, when internet and modern telecommunication systems have become an integral part of the life of modern people. Online activities, including online business, suffer from various manipulations, frauds, information breaches and other problems. In this regard, the technological progress comprises just a part of the problem because the lack of legal regulations, such as regulation of online activities concerning privacy, intellectual property rights, and so on, lead to the violation of traditional, conventional rules without any serious legal liabilities of those, who are responsible for such activities that violate conventional norms.

In such a context, the question concerning the improvement of online security systems arises. In this respect, it is important to research the strategic directions in which improvements can be made. In actuality, the development of effective security design patterns and refactoring are particularly prospective (Hair, et al., 1995) because they open larger opportunities for updating online security systems fast and, thus, increase their reliability and security. In this respect, the use of JAVA and other languages can be helpful to increase online security. On analyzing diverse design patterns, it is worth mentioning the fact that JAVA is not the only language and not the best one to be used in the contemporary online environment. Instead, it is possible to refer to such design patterns as LISP, which has already proved its efficiency and reliability and which can be particularly effective today due to its traditional flexibility and adaptability to different environment and user friendliness. At the same time, refactoring can be helpful as well because it contributes to the composing and change of package codes properly that allows increasing online security level consistently. In addition, they can contribute to the facilitation of the process of updating of online security systems because they can be used as models for the development of diverse security systems that will raise new barriers on the way to information breaches and other attempts of the violation of online security.

Literature review

In actuality, many specialists (George, 2004) argue that internet and modern telecommunication systems are vulnerable to the emergence of frauds and violation of human rights and legal norms because this field is poorly regulated and the scope for frauds and illegal use of information is enormous. In such a situation, specialists (LaRose and Rifon 2007a) believe that online security becomes the crucial issue which defines the information security of internet users as well as other users that may expose their private information to the risk of unsanctioned use through any telecommunication system they use today. Obviously, the online security becomes one of the major priorities in the development of information systems of many companies as well as individuals (Hinde, 2003).
In such a situation, the question concerning reasons of such a strong need in the development of the effective online security system arises. To answer this question, specialists (Jakobsson and Myers, 2006) often refer to the risk of information breaches, which they consider to be one of the major threats of the modern digital age. In fact, the problem of information breaches has already become one of the major challenges to the development of modern information systems as well as internet at large. In this respect, it is possible to refer to the experience of many online companies as well as companies that provide online services as a part of their business. Cases of information breaches are frequent in the modern world and many companies attempt to protect data from information breaches developing their own online security systems or outsourcing such systems using reliable companies that can increase their security level and prevent information breaches (George, 2004). On the other hand, specialists (Phelps, et al., 2000) warn that online security systems will not be able to eliminate the problem of information breaches but they can just make it more difficult to obtain information or get unauthorized access to information.
One of the effects of information breaches is the identity theft. In fact, this problem is closely intertwined with the violation of basic human rights such as the privacy right (Jakobsson and Myers, 2006). At the same time, along with ethical concerns, specialists (George, 2004) raise the problem of negative legal and financial outcomes of the identity theft. The identity theft may lead to the unauthorized use of financial resources of victims and other serious problems, whereas victims may be not aware of the threat of identity theft.

Furthermore, it is important to remember about refactoring as an important element of improvement of online security. Specialists (Norberg, et al., 2007) argue that refactoring is a process of changing a software system in such a way that it does not alter the external behavior of the code but it improves its internal structure that leads to the improvement of online security. As a rule, refactoring is done in small steps because long methods make refactoring ineffective (George, 2004). Specialists (Hinde, 2003) argue that in the course of refactoring practitioners typically interleave bug fixes and feature additions between these steps.

In such a situation, specialists suggest developing new, effective online security systems or improvement of existing ones (Ha, et al., 2006). However, such recommendations are quite difficult to implement because the development of new or updating existing online security systems will need much efforts and financial resources. On the other hand, the ignorance of the problem of ineffectiveness of online security systems may lead to the aggravation of the current situation and the emergence of cyber-crimes in global terms (Hinde, 2003). Therefore, specialists (Ha, et al., 2006) agree that the development of online security systems is the strategic direction of the development of internet, online services and modern telecommunication systems.

Specialists (LaRose and Rifon, 2007a) distinguish different types of design patterns, including creational, structural, and behavioral design patterns. Creational design patterns are normally used for creation of objects. Using such design patterns provides more flexibility to online services, especially when the high level of control over the creation of objects is needed. In actuality, creational design patterns are normally used to restrict the total number of instance of a class (George, 2004). Structural design patterns used to help users to structure objects in common classes and large structures to meet the complex requirements in a structured way (LaRose and Rifon, 2007a). As a rule, such design patterns are used to create a complex user interface. Today, such design patterns are particularly popular and aim at the creation of user friendly interfaces. Finally, behavioral design patterns are used to define communication between objects of a proposed solution (Ha, et al., 2006). These design patterns help to define the flow of a complex system (Norberg, et. al., 2006).


The development of online security systems is extremely important today. At the same time, it is important to find out effective approaches to the development of reliable online security information systems. The current study will involve IT specialists, who have an extensive experience in the field of information technologies and online security systems. The study will involve ten IT specialists working in different companies and having different experience. Six IT specialists are males and four IT specialists are female. The age of subjects vary from 24 to 51. They have different experience and different positions in their companies from average IT specialists to heads of IT departments. The choice of subjects of the current research was determined by their specialization. In fact, IT specialists are the best choice because they have a profound knowledge of the problem researched in the current study. They can forecast and understand potential threats and risks that can undermine the functioning of online security systems as well as they can develop effective tools to protect information and online security systems.

The current study involved the use of two methods of qualitative analysis, interviews and questionnaires which help to reveal the current situation and assess prospects of the development of online security systems in the contemporary business environment. In fact, the choice of methods of the current research was determined by the goals of the study.

In this regard, the controlled process creator pattern can be used by specialists to evaluate the effectiveness of online security and to implement properly design patterns. For instance, the use of LISP may have good prospects, when it is applied to online services in the contemporary online environment. Even though this design patterns is one of the first ones that appeared but principles of its functioning are still useful and effective. At any rate, specialists (George, 2004) point out that LISP can reach the high level of online security due to its flexibility. As a result, LISP can be applied to improve the quality and security of online services and to increase the protection of data stored and transferred online.

In fact, interviews could help consistently to obtain detailed information on the development of effective online security systems because they allow to get the opinion of different IT specialists on the current situation in the field of online security as well as existing risks and threats to the online security, users and companies operating online. Basically, interviews is an effective method of qualitative analysis because, in the course of interviews, IT specialists, who were subjects of the research, could provide the researcher with detailed information on their opinion and views on existing online security systems and their possible improvements.

In this regard, questionnaires are also quite effective, although they are different from interviews because they leave little room for expressing personal opinion of IT specialists about the problems discussed in the study and their solutions. Instead, the subjects of the study obtained possible options they have to choose in the course of their responses in the questionnaires. At the same time, questionnaires can help to obtain precise information on the subject of the research. To put it more precisely the researcher can direct the subjects of the research and to get specific information on the issues he or she is interested in.


The results of the research have proved the general trend which could be traced in the previous researches conducted in regard to the development of effective online security systems. To put it more precisely, in the course of interviews, the overwhelming majority of IT specialists have recognized the fact that existing online security systems are imperfect and need substantial improvements. At the same time, when IT specialists were asked about specific recommendations they could give in regard to the improvement of online security systems, seven out of ten had substantial difficulties with providing the researcher with clear and comprehensible recommendations. Practically all IT specialists agreed that IT technologies and telecommunication systems keep progress so fast that online security systems cannot always catch up with the development of new technologies and offenders often have an opportunity to deceive users and obtain information they need or get access to the data they need. In such a way, the development of online security system should outpace the development of information technologies used by offenders. In such a context, many specialists (Norberg, et al., 2007) cite numerous cases of information breaches, identity theft and unauthorized use of information. These cases violate the right to privacy along with intellectual property rights. IN such a situation, the necessity to improve existing online security systems and information systems becomes obvious.

At the same time, some specialists (George, 2004) stand on the ground that today JAVA, being one of the most widely-used languages is not the most effective one in regard to online security. Instead, IT specialists (Hinde, 2003) suggest alternatives such as LISP, which is one of the oldest languages used in programming. This language persists today and some specialists (George, 2004) still believe that LISP had good prospects for the further development as an alternative to JAVA. In this respect, it is important to place emphasis on the fact that LISP proves to be quite a flexible language. The flexibility is the crucial characteristics when the online security is at stake. What is meant here is the fact that the high level of online security can be reached only through the fast and effective updating and changing of design patterns and programming language that is not always easy to do with such a language as JAVA. In this regard, LISP has always been characterized by the high level of flexibility that facilitates introduction of changes and improvement of the online security. To put it more precisely, LISP is actually the linked lists which comprise the LISP major data structures. In addition, the LISP source code is made of these lists. As a result, LISP programs can manipulate source code as a data structure bringing in the flexibility essential for the high level of online security. In such a way, through introducing changes in the source code, it is possible to improve the online security system consistently.

Among the variety of design patterns specialists single out design patterns that can be used effectively in online services, when the close interaction between online companies and users is needed. In this regard, structural design patterns are particularly useful and helpful because they facilitate using online services and maintain the high level of internet security. In addition, they help to create user friendly interfaces. On the other hand, creational and behavioral design patterns are also quite popular today.


On analyzing the results of the current research, it is important to place emphasis on the fact that modern online security needs ongoing improvements. In fact, the development of new online security systems is essential to cope with existing challenges and progressing information technologies which allow offenders to surpass existing online security systems easily. In such a situation, the development of new online security systems may be accompanied by updating of existing online security system. In fact, it is important to outpace potential offenders and hackers using unauthorized access to private information, identity theft and other cyber crimes.

In this regard, many IT specialists recommend developing model-driven architecture development of online security systems. As the matter of fact, the model-driven architecture implies that online security systems will use effective models of development of such systems. As a result, developers of online security systems will need to use existing models to create new online security systems. The use of model-driven architecture facilitates the creation of new online security systems, although the risk of information breaches persists because the models used in the creation of online security systems may be well-known to offenders.

In such a situation, it is extremely important to raise users’ awareness of existing risks and threats. In fact, users should understand that their personal information can be under a threat and they have to pay a lot of attention to the protection of personal information, unless they want to become victims of information breaches and other cyber crimes. Users should understand risks and threats in order to be capable to cope with them. When people know where threats come from they can protect their private information and avoid unnecessary risks.


Thus, taking into account all above mentioned, it is important to place emphasis on the fact that the development of effective online security systems is crucial because the development of internet and modern telecommunication systems opens wide opportunities for information breaches, identity thefts and various cyber crimes. In such a situation, the development of effective online security systems can help companies and individuals to protect private information and minimize the risk of information breaches. In this regard, the use of model-driven architecture of online security systems can be very helpful because it facilitates the development and updating of online security systems and, thus, minimizes the risk of information breaches, identity thefts and other cyber crimes. In such a situation, IT specialists should unite their efforts and focus on the development of new and updating of existing online security systems. At the same time, users should also be aware of potential risks they can face while using internet and modern telecommunication systems.


Baron, Reuben M. and David A. Kenny. 1986. The Moderator-Mediator Variable Distinction in Social Psychological Research: Conceptual, Strategic, and Statistical Considerations. Journal of Personality and Social Psychology, 51 (6): 1173-1182.
Churchill, Gilbert A. Jr. 1979. A paradigm for developing better measures of marketing constructs. Journal of Marketing Research, 16: 64-73.
Fornell, Claes and David F. Larcker. 1981. Structural Equation Models with Unobservable Variables and Measurement Error: Algebra and Statistics. Journal of Marketing Research, 18 (3): 382-388.
George, Joey F. 2004. The Theory of Planned Behavior and Internet Purchasing. Internet Research, 14 (3): 198-212.
Ha, Vicki, Farah Al Shaar, Kori Inkpen, and Lina Hdeib. 2006. An Examination of User Perception and Misconception of internet Cookies in CHI 2006. In Gary M. Olson and Robin Jeffries (Eds.), Extended Abstracts on Human Factors in Computing Systems (833-838). Montreal: Association for Computer Machinery.
Hair, Joseph F., Rolph E. Anderston, Ronald L. Tatham, and William Black. 1995. Multivariate Data Analysis with Readings. Upper Saddle River, N J: Prentice-Hall, Inc.
Hinde, Stephen. 2003. Careless about Privacy. Computers & Security, 22 (4): 284- 288.
Hsu, Meng-Hsiang and Chao-Min Chiu. 2004. Internet Self-Efficacy and Electronic Service Acceptance. Decision Support Systems, 38 (December): 369-381.
Ives, Blake, Kenneth R. Walsh, and Helmut Schneider. 2004. The Domino Effect of Password Reuse. Communications of the ACM, 47 (4): 75-78.
Jakobsson, Markus and Steven Myers. 2006. Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft. Hoboken, NJ: Wiley- Interscience.
Keller, Punam Anand and Lauren Goldberg Block. 1996. Increasing the Persuasiveness of Fear Appeals: The Effect of Arousal and Elaboration. Journal of Consumer Research, 22 (4): 448-459.
Kim, Young Hoon and Dan J. Kim. 2005. A Study of Online Transaction Self- Efficacy, Consumer Trust, and Uncertainty Reduction in Electronic Commerce Transaction. Proceedings of the 38th International Conference on System Sciences, Big Island, Hawaii, January 3- January 6.
LaRose, Robert and Nora J. Rifon. 2007a. Promoting i-Safety: Privacy Warning Boxes, Privacy Seals and Online Privacy Behaviors. Journal of Consumer Affairs, 41 (Summer): 127-149.
Miyazaki, Anthony, D. and Aria Fernandez. 2001. Consumer Perceptions of Privacy and Security Risks for Online Shopping. Journal of Consumer Affairs, 35 (Summer): 27-44.
Norberg, Patricia, Daniel R. Horne, and David A. Home. 2007. The Privacy Paradox: Personal Information Disclosure Intentions versus Behaviors. Journal of Consumer Affairs, 41 (Summer): 100-126.
Phelps, Joseph, Glenn Nowak, and Elizabeth Ferrell. 2000. Privacy Concerns and Consumer Willingness to Provide Personal Information. Journal of Public Policy and Marketing, 19 (1): 27-41.
Rifon, Nora, J., Robert LaRose, and Sejung Marina Choi. 2005. Your Privacy Is Sealed: Effects of Web Privacy Seals on Trust and Personal Disclosures. Journal of Consumer Affairs, 39 (2): 339-362.

Design Patterns and Refactoring for Online Security 7.8 of 10 on the basis of 2899 Review.