TRUSTED INFORMATION PROCESSES IN B2B NETWORKS

Chintan Doshi, Liam Peyton

2008

Abstract

The design, implementation and management of inter-organizational business processes that operate across the Internet have to address a number of issues that do not normally arise for business processes that operate solely within an organization. A framework is needed which supports traditional business process management and which also has the technical infrastructure in place to address federated identity management, privacy compliance and performance management. In this paper, we examine how this can be accomplished in an architecture with built in event logging and privacy auditing that deploys processes defined in the Business Process Execution Language standard (BPEL) into a "Circle of Trust" (CoT) architecture as specified by the Liberty Alliance standard for federated identity management. A sample business process scenario is implemented in the proposed framework and evaluated.

References

  1. BPEL4WS. BEA, IBM, Microsoft, SAP and Siebel, “Business Process Execution Language for Web Services ”, S. Thatte, et al., May 2003. http://www.ibm.com/developerworks/library/specificat ion/ws-bpel/ Accessed 2008/03.
  2. Cantor, S., Kemp, I.J., Philpott, N.R. , Maler, E. (2004) “Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0”. OASIS SSTC, September 2004. http://docs.oasisopen.org/security/saml/v2.0/saml-core-2.0-os.pdf Accessed 2008/03.
  3. Casati, F. and Shan, M. 2000. Process Automation as the Foundation for E-Business. In Proceedings of the 26th international Conference on Very Large Data Bases (September 10 - 14, 2000). A. E. Abbadi, M. L. Brodie, S. Chakravarthy, U. Dayal, N. Kamel, G. Schlageter, and K. Whang, Eds. Very Large Data Bases. Morgan Kaufmann Publishers, San Francisco, CA, 688-691.
  4. Curbera, F., Duftler, M., Khalaf, R., Nagy, W., Mukhi, N., and Weerawarana, S., (2002). Unravelling the Web services web: an introduction to SOAP, WSDL, and UDDI. Internet Computing, IEEE 6 (2), 86-93.
  5. Frichman, R.G., Cronin and M.J. (2003) “InformationRich Commerce at a Crossroads: Business and Technology Adoption Requirements”, Communications of the ACM, Sept. 2003, Vol. 46, No. 9
  6. Hammer, Michael and Champy, James (2006), Reengineering the Corporation: A Manifesto for Business Revolution (revised and updated), Collins, 2006.
  7. Hodges, J., Cahill, C.(2006), Eds., Liberty ID-WSF Discovery Service Specification. Ver2.0, Liberty Alliance Project, New Jersey, 2006. http://www.projectliberty.org/liberty/content/downloa d/875/6201/file/liberty-idwsf-disco-svc-v2.0.pdf, Accessed 2008/03
  8. Huhns, M. N. and Singh, M. P. 2005. Service-Oriented Computing: Key Concepts and Principles. IEEE Internet Computing 9, 1 (Jan. 2005), 75-81.
  9. Jones, S., Wilikens, M., Morris, P., and Masera, M. 2000. Trust requirements in e-business. Commun. ACM 43, 12 (Dec. 2000), 81-87.
  10. Kemp, Y. (2004). Eds. “Liberty ID-WSF Web Services Framework Overview”, Liberty Alliance Project, New Jersey, 2004. http://www.projectliberty.org/liberty/resource_center/p apers Accessed 2008/03
  11. Koch, M., and Möslein, K.M. (2005) “Identity Management for Ecommerce and Collaborative Applications”, International Journal of Electronic Commerce / Spring 2005, Vol. 9, No. 3, pp. 11- 29.M.E. Sharpe Inc., 2005.
  12. Landau, S. (2003) eds., “Liberty ID-WSF Security & Privacy Overview”; version 1.0, Liberty Alliance Project, New Jersey, 2003. http://www.projectliberty.org/resource_center/specific ations/liberty_alliance_id_wsf_2_0_specifications Accessed 2008/03.
  13. Pavlou, P., Ratnasingam, P. (2003), " Technology trust in B2B electronic commerce: conceptual foundations", in Business strategies for information technology management, pp 200-215, IGI Publishing, Hershey, Pa, US. 2003.
  14. Peyton, L., Doshi, C., and Seguin, P. 2007. An audit trail service to enhance privacy compliance in federated identity management. In Proceedings of the 2007 Conference of the Center For Advanced Studies on Collaborative Research,(Richmond Hill, Canada, October, 2007. ISSN:1705-7361
  15. Ratnasingam P. (2002), “The importance of technology trust in Web services security”, Information Management & Computer Security, Volume 10, Number 5, 2002 , pp. 255-260(6).
  16. Shin D., Ahn, G-J, Shenoy, P. (2004) “Ensuring Information Assurance in Federated Identity Management”, IEEE Intl. Conference on Performance, Computing, and Communications, 2004, p. 821-826
  17. Venkatesh Shankar, Fareena Sultan and Glen L. Urban 2002. Online trust: a stakeholder perspective, concepts, implications, and future directions.,The Journal of Strategic Information Systems ,Volume 11, Issues 3-4, December 2002, Pages 325-344
  18. Wason, T., eds (2003)., "Liberty ID-FF Architecture Overview"; version 1.2, Liberty Alliance Project, New Jersey, 2003. http://www.projectliberty.org/liberty/resource_center/p apers Accessed 2008/03
  19. Wilikens, M., Morris, P. and Masera, M., Eds. 1998. Defining the European.Dependability Initiative: A Strategy Document. European Communities.EUR Report, EUR 18139 EN, May 1998.
Download


Paper Citation


in Harvard Style

Doshi C. and Peyton L. (2008). TRUSTED INFORMATION PROCESSES IN B2B NETWORKS . In Proceedings of the Tenth International Conference on Enterprise Information Systems - Volume 4: ICEIS, ISBN 978-989-8111-39-5, pages 37-44. DOI: 10.5220/0001714500370044


in Bibtex Style

@conference{iceis08,
author={Chintan Doshi and Liam Peyton},
title={TRUSTED INFORMATION PROCESSES IN B2B NETWORKS},
booktitle={Proceedings of the Tenth International Conference on Enterprise Information Systems - Volume 4: ICEIS,},
year={2008},
pages={37-44},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001714500370044},
isbn={978-989-8111-39-5},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Tenth International Conference on Enterprise Information Systems - Volume 4: ICEIS,
TI - TRUSTED INFORMATION PROCESSES IN B2B NETWORKS
SN - 978-989-8111-39-5
AU - Doshi C.
AU - Peyton L.
PY - 2008
SP - 37
EP - 44
DO - 10.5220/0001714500370044