Abstract
Security of private information is a critical requirement for information sharing in supply chains. Security is measured on a variety of metrics: participating suppliers in a supply chain process need guarantees on confidentiality, anonymity, and privacy; the purchaser needs assurance on verifiability and non-repudiation. Given the mutually exclusive nature of security metrics such as anonymity vs. non-repudiation, and confidentiality vs. verifiability, the challenge is to design a process that satisfies all these metrics. In this paper, we propose three major processes that enable secure information sharing and secure computation of arbitrary supply chain functions. We evaluate and compare the secure processes using a ranking method and score function, which we propose for that purpose. We find that certain processes will be preferred over other processes, depending on the environmental characteristics and user preferences. Thus, our secure processes aim to solve major collaboration issues in supply chains.
Notes
Forrester Research
This list includes companies such as SAP, Logility, and Infosys.
Author information
Authors and Affiliations
American University in Dubai, PO Box 28282, Dubai, United Arab Emirates
Sharad Barkataki & Hassan Zeineddine
Corresponding author
Correspondence to Sharad Barkataki.
Appendix
1.1 Appendix A: Figures
1.2 Appendix B: Tables
1.3 Appendix C: Glossary of terms
- 1.) TTP: Trusted Third Party
- 2.) STTP: Secure process with a strongly trusted third party
- 3.) WTTP: Secure process with a weakly trusted third party
- 4.) NTTP: Secure process with no third party.
About this article
Cite this article
Barkataki, S., Zeineddine, H. On achieving secure collaboration in supply chains. Inf Syst Front 17, 691–705 (2015). https://doi.org/10.1007/s10796-013-9448-3