Reusing time-tested solutions rather than inventing ad-hoc quick fixes is a wellknown security principle. Architectural and design patterns represent proven techniques to package knowledge from software engineering experts in a reusable format. More importantly, the solution proposed by a pattern is known to be sound because it is time-tested—its strengths, weaknesses and possible drawbacks are known in advance. Therefore, in software security engineering, security patters have been considered to be a very promising means to increase the quality of secure design and make security more accessible to software engineers. However, their adoption does not live up to their potential. To understand why this is so, this paper analyzes the literature of security patterns published over the last ten years and outlines existing gaps.

Information privacy has received significant attention in past years. The shift from physical to online interaction entails a change in privacy paradigms. Yet, most of the attention has been directed at forms of self-identifying information (e.g. health records and financial information); less attention has been given to privacy concerns resulting from the information provided voluntarily by users during online social interaction. This paper suggests privacy literacy- an educational framework that will be used to enhance users' awareness to privacy issues that are intertwined in online exposure.