6th European Conference - Academic Conferences
6th European Conference - Academic Conferences
6th European Conference - Academic Conferences
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Information Management Security for Inter-Organisational<br />
Business Processes, Services and Collaboration<br />
Maria Semmelrock-Picej 1 , Alfred Possegger 2 and Andreas Stopper 2<br />
1<br />
eBusiness Institute, Klagenfurt University, Austria<br />
2<br />
Infineon IT-Services GmbH Austria, Austria<br />
Maria.Semmelrock-Picej@aau.at<br />
Alfred.Possegger@infineon.com<br />
Andreas.Stopper@infineon.com<br />
Abstract: Web-based collaborations and cross-organizational processes typically require dynamic and contextbased<br />
interactions between involved parties and services. Due to temporary nature of collaboration and an<br />
evolving of competencies of involved companies over time security issues like trust, privacy and identity<br />
management are of a high interest for a long lasting success of virtual collaborations This paper adresses this<br />
issue by presenting some results of an international research project. The vision of this project is to implement a<br />
virtual cooperation system for SMEs to be used for realizing competitive advantages through virtual cooperations.<br />
The paper describes some results of this system. Especially we will discuss issues concerned with identity<br />
management. Identity Federation is one of the key concepts of SPIKE to support “virtual organizations”, their fast<br />
setup, comfortable maintenance and orderly closing. This paper describes the mechanisms from which<br />
collaboration partners, registered at the SPIKE platform, will be authenticated by using a standardized identity<br />
federation protocol – Shibboleth. It is shown how the identity data of a company, using its own IDMS, can be<br />
integrated into the SPIKE platform and what a company has to setup from a technical point of view so that its<br />
employees can be authenticated via Shibboleth. Further an approach is presented suitable for mostly SMEs<br />
which do not have an own IDMS.<br />
Keywords: eCollaboration, security, identity management, phases of cooperation<br />
1. Introduction<br />
Nowadays competition is no longer between single enterprises but among supply chains with numerous<br />
actors. Effective supply chain management has therefore become a potentially valuable way of<br />
securing a competitive advantage and improving organizational performance. Firms are seeking<br />
synergistic combinations of resources and changing their roles and value positions through digital<br />
collaborations (Klein, Rai and Straub 2007). However the understanding of the how and which areas<br />
are most important for the success is still incomplete.<br />
It has been noted in literature that information and communication technologies have a significant<br />
impact on the economic situation and knowledge based activites in peripheral regions. Especially for<br />
SMEs in the cross-border region Carinthia and Slovenia (Ziener 2010) identified a low rate of<br />
internationalization, a small amount of crossborder supply chain networks and activities limited to<br />
regional borders.<br />
ICT support collaboration among people with different competencies and capabilities in virtual<br />
collaborations (Mohrmann et al. 2003), facilitate knowledge access and sharing (Davenport and<br />
Prusak 1998) and enable the codification and dissemination of explicit knowledge (Zack 1999). Virtual<br />
collaboration also increases the knowledge about who knows what, enabling virtual joint work and<br />
supporting easier and fast setup of short-term project based and loosely coupled chains among<br />
participants. In doing so, studies have analyzed that a participation of small and medium sized<br />
enterprises in eCollaboration environments could improve their situation in peripheral regions.<br />
However, despite the general agreement on the positive impacts of virtual collaborations, detailed<br />
micro level evidence on the preconditions and success is limited. Yet it has been analysed, that the<br />
way SMEs interact in collaborative environments depends to a big extent on the security<br />
functionalities and management which impact on almost all knowledge-related activities as a basic<br />
precondition. In other words, existing work typically narrows to very specific processes or activities.<br />
This contribution emphasizes the potential capability of ICTs and their fundamental role to create a<br />
virtual dimension through which companies can share and create new knowledge at both tacit and<br />
explicit level.<br />
Companies have a serious privacy concern about how their information is used, disclosed and<br />
protected and the degree of control they have over the dissemination of the information. Especially<br />
238