Abstract
Sales agents depend on mobile support systems for their daily work. Independent sales agencies, however, are not able to facilitate this kind of mobile support on their own due to their small size and lack of the necessary funds. Since their processes correlate with confidential information and include the initiation and alteration of legally binding transactions they have a high need for security. In this contribution we first analyze the target domain using qualitative and quantitative methods and propose an IT-artifact that supports independent sales agencies. It is build as a service platform that supports multi-vendor sales processes. Afterwards, we examine use cases of sales representatives of independent sales agencies using this system and derive their security requirements. Using these, we propose a security extension to the IT-artifact and evaluate this extension by comparing it to existing solutions. Our results show that the proposed artifact extension provides a more convenient and secure solution than already existing approaches.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Notes
Subscriber Identity Module.
References
Adams A, Sasse MA, Lunt P (1997) Making Passwords Secure and usable. In: proceedings of HCI on people and computers XII, August, Bristol, Springer, pp 1–19
Anderson R (2001) Why information security is hard: an economic perspective. In: Applied computer security applications conference (ACSAC 01), Dezember, Las Vegas, Nevada
Benz A, Ritz T, Stender M (2003) Marktstudie mobile CRM-Systeme. Fraunhofer IRB Verlag, Stuttgart
Brown BJ, Callis K (2004) Computer password choice and personality traits among college students. Southeast Missouri State University, Cape Girardeau
Canadian System Security Centre (1993) The Canadian trusted computer product evaluation criteria: version 3.0e. Communication Security Establishment, Government of Canada, Canada
Clarke NL, Furnell SM (2007) Advanced user authentication for mobile devices. Comput Secur 26(2):109–119
Dolmetsch R (2000) eProcurement, Addison Wesley, Boston
Dumortier J, Kelm S, Nilsson H, Skouma G, Van Eecke P (2003) The legal and market aspects of electronic signatures: legal and market aspects of the application of directive 1999/93/EC and practical applications of electronic signatures in the Member States, the EEA, the Candidate and the Accession countries, Interdisciplinary centre for law and information technology, Katholieke University Leuven, http://europa.eu.int/information_society/eeurope-/2005/all_about/security/electronic_sig_report.pdf, Oktober
Farrell J, Shapiro C (1988) Dynamic competition with switching costs. RAND J Econ 19(1):123–137
Ghosh AK, Swaminatha TM (2001) Software security and privacy risks in mobile e-commerce: examining the risks in wireless computing that will likely influence the emerging m-commerce market. Commun ACM 44(2):51–57
Haller J, Robinson P, Walter T, Kilian-Kehr R (2002) Framework and architecture for secure mobile business applications. In: Gritzalis D, De Capitani di Vimercati S, Samarati P, Katsikas SK (ed). Security and privacy in the age of uncertainty, Proceedings of the IFIP TC11 international conference on information security (SEC2003), May 26–28, Athens, Greece, Kluwer, pp 413–416
Hevner AR, March ST, Park J, Ram S (2004) Design science in information systems research. MIS Q 28(1):75–105
Ives B, Walsh KR, Schneider H (2004) The domino effect of password reuse. Commun ACM 47(4):75–78
Karjoth G (2003) Access control with IBM Tivoli access manager. ACM Trans Inf Syst Secur 6(2):232–257
Kesh S, Ratnasingam P (2007) A knowledge architecture for IT security. Commun ACM 50(7):103–108
Kett H, Höß O and Kokemüller J (2008a) Mobile Multilieferanten-Vertriebsinformationssysteme für Handelsvertretungen und -vermittlungen, Fraunhofer IRB, Stuttgart
Kett H, Kokemüller J, Höß O, Engelbach W, Weisbecker A (2008b) A mobile multi-supplier sales information system for micro-sized commercial agencies. In: proceedings of the eChallenges conference 2008, Stockholm
Kokemüller J, Kett H, Höß O, Weisbecker A (2008) A mobile support system for collaborative multi-vendor sales processes. In: proceedings of the 14th Americas conference on information systems (AMCIS), 14–17 August, Toronto
Leek S, Turnbull PW, Naude P (2003) How is information technology affecting business relationships? results from a UK survey. Ind Mark Manage 32(2):119–126
Mayes KMK, Piper F (2005) Smart card based authentication: any future? Comput Secur 24:188–191
Merritt NJ, Newell SJ (2001) The extent and formality of sales agency evaluations of principals. Ind Mark Manage 30(1):37–49
Nunamaker FJ, Chen M, Purdin TDM (1991) Systems development in information systems research. J Manage Info Sys 7(3):89–106
Project Wireless Trust for Mobile Business (2002) Deliverable D4: SIM application hosting: detailed description of the concept, Munich, Germany
Rivest RL, Shamir A, Adleman L (1978) A method for obtaining digital signatures and public key cryptosystems. Commun ACM 21(2):120–126
Roßnagel H (2004) Mobile signatures and certification on demand. In: Katsikas SK, Gritzalis S, Lopez J (eds) Public key infrastructures. Springer, Berlin, pp 274–286
Roßnagel H (2009) Mobile Qualifizierte Elektronische Signaturen: Analyse der Hemmnisfaktoren und Gestaltungsvorschläge zur Einführung, Gabler, Wiesbaden
Roßnagel H, Royer D (2005) Profitability of mobile qualified electronic signatures. In: proceedings of the 9th pacific Asia conference on information systems (PACIS 05). Juli, Bangkok, pp 1345–1355
Schillewaert N, Ahearne MJ, Frambach RT, Moenaert RK (2005) The adoption of information technology in the sales force. Ind Mark Manage 34(4):323–336
Schulz E (2007) Mobile computing: The next Pandora’s Box. Comput Secur 26(3):187
Swanson M (2001) Security self assessment guide for information technology systems: special publication 800–26, National Institute for Standards and Technology. US Government Printing Office, Washington
Walker B, Barnes SJ (2005) Wireless sales force automation: concept and cases. Int J Mob Commun 3(4):411–427
Yan J, Blackwell A, Anderson R, Grant A (2004) Password memorability and security: empirical results. IEEE Secur Priv 2(5):25–31
Acknowledgment
This work was funded as part of the project M3V (http://www.m3v-projekt.de) by the Federal German Ministry of Economy and Technology.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Kokemüller, J., Roßnagel, H. Secure mobile sales force automation: the case of independent sales agencies. Inf Syst E-Bus Manage 10, 117–133 (2012). https://doi.org/10.1007/s10257-010-0157-x
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10257-010-0157-x