Organizational Patterns for Security and Dependability: From Design to Application

Authors:
Fabio Massacci;Yudis Asnar;Ayda Saidane;Carlo Riccucci;Massimo Felici;Alessandra Tedeschi;Paul El-Khoury;Keqin Li;Magali Séguran;Nicola Zannone
Affiliations:
University of Trento, Italy;University of Trento, Italy;University of Trento, Italy;Engineering Ingegneria Informatica S.p.A, Italy;Deep Blue, Italy;Deep Blue, Italy;SAP Research, France;SAP Research, France;SAP Research, France;Eindhoven University of Technology, The Netherlands
Venue:
International Journal of Secure Software Engineering
Year:
2011

Citing 14
Cited 1

Security Engineering: A Guide to Building Dependable Distributed Systems

Security Engineering: A Guide to Building Dependable Distributed Systems
Stepwise Construction and Refinement of Dependability Models

DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
Security and Privacy Requirements Analysis within a Social Setting

RE '03 Proceedings of the 11th IEEE International Conference on Requirements Engineering
Security Engineering with Patterns: Origins, Theoretical Models, and New Applications

Security Engineering with Patterns: Origins, Theoretical Models, and New Applications
Tropos: An Agent-Oriented Software Development Methodology

Autonomous Agents and Multi-Agent Systems
A Brief Comparative Study on Analytical Models of Computer System Dependability and Security

PDCAT '05 Proceedings of the Sixth International Conference on Parallel and Distributed Computing Applications and Technologies
The Dempster--Shafer calculus for statisticians

International Journal of Approximate Reasoning
Risk as Dependability Metrics for the Evaluation of Business Solutions: A Model-driven Approach

ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
Using Security and Dependability Patterns for Reaction Processes

DEXA '08 Proceedings of the 2008 19th International Conference on Database and Expert Systems Application
A Model-Driven Approach for the Specification and Analysis of Access Control Policies

OTM '08 Proceedings of the OTM 2008 Confederated International Conferences, CoopIS, DOA, GADA, IS, and ODBASE 2008. Part II on On the Move to Meaningful Internet Systems
S&D Pattern Deployment at Organizational Level: A Prototype for Remote Healthcare System

Electronic Notes in Theoretical Computer Science (ENTCS)
How to integrate legal requirements into a requirements engineering methodology for the development of security and privacy patterns

Artificial Intelligence and Law
A goal oriented approach for modeling and analyzing security trade-offs

ER'07 Proceedings of the 26th international conference on Conceptual modeling
Security and trust requirements engineering

Foundations of Security Analysis and Design III

Applying error correction codes to achieve security and dependability

Computer Standards & Interfaces

Quantified Score

Hi-index	0.00

Visualization

Abstract

Designing secure and dependable IT systems requires a deep analysis of organizational as well as social aspects of the environment where the system will operate. Domain experts and analysts often face security and dependability S&D issues they have already encountered before. These concerns require the design of S&D patterns to facilitate designers when developing IT systems. This article presents the experience in designing S&D organizational patterns, which was gained in the course of an industry lead EU project. The authors use an agent-goal-oriented modeling framework i.e., the SI* framework to analyze organizational settings jointly with technical functionalities. This framework can assist domain experts and analysts in designing S&D patterns from their experience, validating them by proof-of-concept implementations, and applying them to increase the security level of the system.