Abstract
Nowadays, collaboration between multiple companies along the supply chain is one of the key factors for ensuring sustainable success. Although this fact is known by almost all companies the actual collaboration is quite low because of the fear of losing sensitive and critical data to competitors. To solve this problem an architecture for modeling and execution of privacy preserved business processes and a privacy modeling approach have been developed. This paper evaluates both artifacts. The used method is framework for evaluation in design science (FEDS).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Wolf, M.-B., Rahn, J., Hompel, M.T.: Cloud Computing für Logistik 2: Akzeptanz und Nutzungsbereitschaft der Logistics Mall bei Anwendern und Anbietern: [eine qualitative und quantitative empirische Analyse des Fraunhofer-Institutes für Materialfluss und Logistik IML. Fraunhofer Verlag (2013)
Schwarzbach, B., Pirogov, A., Schier, A., Franczyk, B.: Inter-cloud architecture for privacy-preserving collaborative BPaaS. QUIS14 (2015)
Takabi, H., Joshi, J.B.D., Ahn, G.-J.: Security and privacy challenges in cloud computing environments. IEEE Secur. Priv. 8(6), 24–31 (2010)
Bélanger, F., Crossler, R.E.: Privacy in the digital age: a review of information privacy research in information systems. MIS Q. 35(4), 1017–1042 (2011)
Schwarzbach, B., Glöckner, M., Pirogov, A., Röhling, M.M., Franczyk, B.: Secure service interaction for collaborative business processes in the inter-cloud. In: 2015 Federated Conference on Computer Science and Information Systems, pp. 1377–1386. IEEE (2015). doi:10.15439/2015F282
Pearson, S.: Taking account of privacy when designing cloud computing services. In: Proceedings of the 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing, pp. 44–52 (2009)
Bundesamt, S.: 12% der Unternehmen setzen auf Cloud Computing. https://www.destatis.de/DE/PresseService/Presse/Pressemitteilungen/2014/12/PD14\textunderscore467\textunderscore52911.html(2014)
Singhal, M., Chandrasekhar, S., Ge, T., Sandhu, R., Krishnan, R., Ahn, G.-J., Bertino, E.: Collaboration in multicloud computing environments: framework and security issues. Computer (2013). doi:10.1109/MC.2013.46
Cuppens-Boulahia, N., Cuppens, F., Garcia-Alfaro, J. (eds.): DBSec 2012. LNCS, vol. 7371. Springer, Heidelberg (2012). doi:10.1007/978-3-642-31540-4
Lindqvist, H.: Mandatory access control. Master’s Thesis in Computing Science, Umea University, Department of Computing Science, SE-901, vol. 87 (2006)
Ferraiolo, D., Cugini, J., Kuhn, D.R.: Role-Based Access Control (RBAC): features and motivations. In: Proceedings of 11th Annual Computer Security Application Conference, pp. 241–248 (1995)
Zahid, I., Josef, N.: Towards semantic-enhanced attribute-based access control for cloud services. In: 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications, pp. 1223–1230 (2012). doi:10.1109/TrustCom.2012.280
Jin, X., Krishnan, R., Sandhu, R.: A unified attribute-based access control model covering DAC, MAC and RBAC. In: Cuppens-Boulahia, N., Cuppens, F., Garcia-Alfaro, J. (eds.) DBSec 2012. LNCS, vol. 7371, pp. 41–55. Springer, Heidelberg (2012). doi:10.1007/978-3-642-31540-4_4
Ferraiolo, D.F., Kuhn, D.R.: Role-based access controls. arXiv preprint arXiv:0903.2171 (2009)
Gouglidis, A., Mavridis, I.: domRBAC: an access control model for modern collaborative systems. Comput. Secur. 31(4), 540–556 (2012)
Le, X.H., Wang, D.: Development of a system framework for implementation of an enhanced role-based access control model to support collaborative processes. In: Proceedings of 3rd USENIX Workshops on Health Security and Privacy (2012)
Le, X.H., Doll, T., Barbosu, M., Luque, A., Wang, D.: An enhancement of the role-based access control model to facilitate information access management in context of team collaboration and workflow. J. Biomed. Inform. 45(6), 1084–1107 (2012)
Le, X.H., Doll, T., Barbosu, M., Luque, A., Wang, D.: Evaluation of an enhanced role-based access control model to manage information access in collaborative processes for a statewide clinical education program. J. Biomed. Inf. (2014). doi:10.1016/j.jbi.2013.11.007
Hu, V.C., Ferraiolo, D., Kuhn, R., Schnitzer, A., Sandlin, K., Miller, R., Scarfone, K.: Guide to Attribute Based Access Control (ABAC) definition and considerations. national institute of standards and technology (2014)
Venable, J., Pries-Heje, J., Baskerville, R.: FEDS: a framework for evaluation in design science research. Eur. J. Inf. Syst. (2014). doi:10.1057/ejis.2014.36
Hevner, A., March, S., Park, J., Ram, S.: Design science in information systems research. MIS Q. 28(1), 75–105 (2004)
Wiliam, D., Black, P.: Meanings and consequences: a basis for distinguishing formative and summative functions of assessment? Brit. Educ. Res. J. 22(5), 537–548 (1996)
Sun, Y., Kantor, P.B.: Cross-evaluation: a new model for information system evaluation. J. Am. Soc. Inf. Sci. Technol. (2006). doi:10.1002/asi.20324
Stufflebeam, D.L.: The CIPP model for evaluation. In: Kellaghan, T., Stufflebeam, D.L. (eds.) International Handbook of Educational Evaluation, vol. 9, pp. 31–62. Springer, Dordrecht (2003). Kluwer International Handbooks of Education
Mathiassen, L., Munk-Madsen, A., Nielsen, P.A., Stage, J., Jacksen, M.: Object-Oriented Analysis and Design. Marko, Aalborg (2000)
Smithson, S., Hirschheim, R.: Analysing information systems evaluation: another look at an old problem. Eur. J. Inf. Syst. (1998). doi:10.1057/palgrave.ejis.3000304
Nergaard, H., Ulltveit-Moe, N., Gjøsæter, T.: A scratch-based graphical policy editor for XACML. In: ICISSP 2015 Proceedings of the 1st International Conference on Information Systems Security and Privacy ESEO, Angers, Loire Valley, France, pp. 182–191 (2015)
Acknowledgement
The work presented in this paper was funded by the German Federal Ministry of Education and Research under the projects PREsTiGE (BMBF 16KIS0082K) and LSEM (BMBF 03IPT504X).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Schwarzbach, B., Glöckner, M., Franczyk, B., Ludwig, A. (2017). Evaluation of User Specific Privacy Policy Architecture for Collaborative BPaaS on the Example of Logistics. In: Ziemba, E. (eds) Information Technology for Management: New Ideas and Real Solutions. ISM AITM 2016 2016. Lecture Notes in Business Information Processing, vol 277. Springer, Cham. https://doi.org/10.1007/978-3-319-53076-5_8
Download citation
DOI: https://doi.org/10.1007/978-3-319-53076-5_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-53075-8
Online ISBN: 978-3-319-53076-5
eBook Packages: Computer ScienceComputer Science (R0)