Security is a challenging area within software design and development.  The fact that Microsoft have been pushing hard for a couple of years now with the high emphasis on security in their applications and still notable vulnerabilities show up is simple testament the the challenges.

So it is good to see that the Software Engineering Institute (SEI) at Carnegie Mellon University have made a booklet/paper freely available that describes some Security Design Patterns (can be found here).  I’ve not yet read all of it – but the content I have reviewed is good solid guidance.