Abstract
The increasing adoption of Service Oriented Architecture (SOA) is allowing more and more companies to integrate themselves in interorganizational netchain environments wherein knowledge assets can be electronically shared with selected business partners. The dynamic nature of these environments implies a need for organizations to protect and monitor the flow of their valuable knowledge assets throughout the netchain if they hope to maintain their long-term competitive positions. In this paper, we propose an interorganizational knowledge-sharing security model that integrates the value chain reference model (VCOR), the federated enterprise reference architecture model (FERA), and multidimensional data warehouse technologies to allow for the proactive monitoring of shared knowledge assets across an SOA-based netchain. The proposed architecture is novel In that it supports dynamic policy revision through the automated detection of knowledge-sharing breaches within a netchain—a process whose viability is demonstrated using network flow theory and a series of simulations. Existing business intelligence infrastructures can be readily modified to support the proposed model, as multidimensional data warehousing has already been adopted in many organizations.
Article PDF
Similar content being viewed by others
References
Ahuja, R. K., Magnanti, T. L., & Orlin, J. B. (1993). Network flows: Theory, algorithms, and applications. Upper Saddle River, NJ: Prentice Hall.
Brown, G., & Carpenter, R. (2004). Successful application of service-oriented architecture across the enterprise and beyond. Intel Technology Journal, 8(4), 343–360.
CPDA (2004). Integrated process and technology framework. Livermore, CA: Collaborative Research Services/Collaborative Product Development Associates.
Drecun, V., & Brown, D. H. (2004). Closing the process/technology gap FERA. Livermore, CA: Collaborative Product Development Associates.
Eisenhardt, K., & Martin, J. (2000). Dynamic capabilities: What are they? Strategic Management Journal 21, 1105–1121.
Garg, A., Curtis, J., & Halper, H. (2003). The financial impact of information technology security breaches: What do investors think? Information Systems Security, 12, 22–33, March–April.
Gordon, L. A., & Loeb, M. P. (2006). Economic aspects of information security: An emerging field of research. Information Systems Frontiers, 8, 335–337.
Gordon, L. A., Loeb, M. P., Lucyshyn, W., & Richardson, R. (2006). Eleventh annual CSI/FBI computer crime and security survey. San Francisco, CA: Computer Security Institute.
Grant, R. M. (1996). Toward a knowledge-based theory of the firm. Strategic Management Journal, 17, 109–122.
Gross, J. L., & Yellen, J. (2005). Graph theory and its applications (2nd ed.). Boca Raton, FL: Chapman & Hall.
Hardy, C., Phillips, N., & Lawrence, T. B. (2003). Resources, knowledge and influence: The organizational effects of interorganizational collaboration. Journal of Management Studies, 40(2), 321.
Keen, P., Balance, C., Chan, S., & Schrump, S. (2000). Electronic commerce relationships: Trust by design. Englewood Cliffs, NJ: Prentice Hall.
Kleinberg, J. M. (2000). Navigation in a small world. Nature, 406, 845.
Lazzarine, S. G., Chaddad, F. R., & Cook, M. L. (2001). Integrating supply chain and net-work analyses: The study of netchains. Journal of Chain and Network Science, 1, 7–22.
Majchrzak, A. (2004). Human issues in secure cross-enterprise collaborative knowledge-sharing: A conceptual framework for understanding the issues and identifying critical research. Los Angeles, CA: Center for Telecommunications Management.
Newman, M. E. J. (2000). Models of the small world. Journal of Statistical Physics, 101(3/4), 819–841.
OASIS (2006). Electronic Business Service Oriented Architecture: Advancing architectural patterns for using Service Oriented Architecture in electronic business. Billerica, MA: Organization for the Advancement of Structured Information Standards.
Scott, J. P. (2000). Social network analysis: A handbook (2nd ed.). Thousand Oaks, CA: Sage Publications.
Semantion (2005). Run-time service oriented architecture. Toronto, Ontario, Canada: Semantion, Inc.
Semantion (2006). FERA-based SOA. Toronto, Ontario, Canada: Semantion, Inc.
Sharda, R., Frankwick, G. L., & Turetken, O. (1999). Group knowledge networks: A framework and an Implementation. Information Systems Frontiers, 1(3), 221–239.
Shih, S. C., & Wen, H. J. (2003). Building e-enterprise security: A business view. Journal of Information Systems Security, 12(4), 41–49.
VCG (2005). The Value Chain Operations Reference (VCOR) model. Wexford, PA: Value Chain Group, Inc.
Weill, P., Subramani, M., & Broadbent, M. (2002). Building IT infrastructure for strategic agility. Sloan Management Review, 44(1), 57–65.
Ziegler, C. N., & Lausen, G. (2005). Propagation models for trust and distrust in social networks. Information Systems Frontiers, 7(4/5), 337–358.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Soper, D.S., Demirkan, H. & Goul, M. An interorganizational knowledge-sharing security model with breach propagation detection. Inf Syst Front 9, 469–479 (2007). https://doi.org/10.1007/s10796-007-9055-2
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10796-007-9055-2