S&D Pattern Deployment at Organizational Level: A Prototype for Remote Healthcare System

The analysis of security incidents and frauds has shown that several vulnerabilities of IT systems are due to loopholes in the policies and procedures adopted by organizations as well as in their structure. Organizations have thus to address security and dependability issues by analyzing their organizational setting. In this paper, we present a methodology to support the deployment of Security & Dependability patterns according to their position in the Enterprise Architecture and the underlying system infrastructures. The methodology discriminates the pattern deployment process between recommendations and guidelines. Recommendations concretize the deployment with refined software and/or hardware related patterns, whereas guidelines specify the organizational patterns in terms of the system-to-be, proposing human-resource and/or policy solutions. To make the discussion more concrete, we illustrate the framework with a case study on an emergency scenario within a remote healthcare system.