Web Application Security Patterns
Darrell M. Kienzle, Matthew C. Elder, David Tyree, James Edwards-Hewitt - Security Patterns:
"We have produced a Security Patterns Repository [PDF] consisting of 26 patterns and 3 mini-patterns. (A mini-pattern is a shorter, less formal discussion of security expertise in terms of just a problem and its solution.) We focused on the domain of Web application security to bound the scope of the problems that our patterns address."