Organizational Patterns for Security and Dependability: From Design to Application

Abstract

Designing secure and dependable IT systems requires a deep analysis of organizational as well as social aspects of the environment where the system will operate. Domain experts and analysts often face security and dependability S&D issues they have already encountered before. These concerns require the design of S&D patterns to facilitate designers when developing IT systems. This article presents the experience in designing S&D organizational patterns, which was gained in the course of an industry lead EU project. The authors use an agent-goal-oriented modeling framework i.e., the SI* framework to analyze organizational settings jointly with technical functionalities. This framework can assist domain experts and analysts in designing S&D patterns from their experience, validating them by proof-of-concept implementations, and applying them to increase the security level of the system.