A Case Study Analysis of an E-Business Security Negotiations Support Tool

Nurse, Jason R. C.; Sinclair, Jane E.

doi:10.1007/978-94-007-1192-1_18

A Case Study Analysis of an E-Business Security Negotiations Support Tool

Jason R. C. Nurse³ &
Jane E. Sinclair³

Chapter
First Online: 01 January 2011

1399 Accesses
2 Citations

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 90))

Abstract

Active collaboration is undoubtedly one of the most important aspects within e-business. In addition to companies collaborating on ways to increase productivity and cut costs, there is a growing need for in-depth discussion and negotiations on their individual and collective security. This paper extends previous work on a tool aimed at supporting the cross-enterprise security negotiations process. Specifically, our goal in this article is to briefly present a case study analysis and evaluation of the usage of the tool. This provides further real-world insight into the practicality of the tool and the solution model which it embodies.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 169.00; Price excludes VAT (USA)

Softcover Book: USD 219.99; Price excludes VAT (USA)

Hardcover Book: USD 219.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

PricewaterhouseCoopers LLP. Information Security Breaches Survey 2010 [Online]. Available: http://www.pwc.co.uk/eng/publications/isbs_survey_2010.html
Tiller JS (2005) The ethical hack: a framework for business value penetration testing. Auerbach Publications, Boca Raton
Google Scholar
Nurse JRC, Sinclair JE (2009) BOF4WSS: a business-oriented framework for enhancing web services security for e-Business. In: 4th International Conference on Internet and Web Applications and Services. IEEE Computer Society, pp 286–291
Google Scholar
Nurse JRC, Sinclair JE (2009) Securing e-Businesses that use web services—a guided tour through BOF4WSS. Int J Adv Internet Technol 2(4):253–276
Google Scholar
Steel C, Nagappan R, Lai R (2005) Core security patterns: best practices and strategies for J2EE^TM, web services and identity management. Prentice Hall PTR, Upper Saddle River
Google Scholar
Gutierrez C, Fernandez-Medina E, Piattini M (2006) PWSSec: process for web services security. In: IEEE International Conference on Web Services, pp 213–222
Google Scholar
Nurse JRC, Sinclair JE (2010) A solution model and tool for supporting the negotiation of security decisions in e-business collaborations. In: 5th International Conference on Internet and Web Applications and Services. IEEE Computer Society, pp 13–18
Google Scholar
Nurse JRC, Sinclair JE (2010) Evaluating the compatibility of a tool to support e-businesses’ security negotiations. In: Lecture notes in engineering and computer science: Proceedings of the World Congress on Engineering 2010, WCE 2010, London, UK, pp 438–443
Google Scholar
Yau SS, Chen Z (2006) A framework for specifying and managing security requirements in collaborative systems. In: Yang LT, Jin H, Ma J, Ungerer T (eds) Autonomic and trusted computing, ser. lecture notes in computer science, vol 4158. Springer, Heidelberg, pp 500–510
Chapter Google Scholar
Todd M, Zibert E, Midwinter T (2006) Security risk management in the BT HP alliance. BT Technol J 24(4):47–52
Article Google Scholar
Nurse JRC, Sinclair JE (2009) Supporting the comparison of business-level security requirements within cross-enterprise service development. In: Abramowicz W (ed) Business information systems, ser. lecture notes in business information processing, vol 21. Springer, Heidelberg, pp 61–72
Google Scholar
DCSSI (2004) Expression des besoins et identification des objectifs de securite (EBIOS)—Section 1–5, Secretariat General de la Defense Nationale. Direction Centrale de la Securitec des Systecmes D’Information, Technical Report
Google Scholar
den Braber F, Braendeland G, Dahl HEI, Engan I, Hogganvik I, Lund MS, Solhaug B, Stolen K, Vraalsen F (2006) The CORAS model-based method for security risk analysis. SINTEF, Technical Report
Google Scholar
Federal Office for Information Security (BSI). IT-Grundschutz Manual [Online]. Available: https://www.bsi.bund.de/EN/Topics/ITGrundschutz/itgrundschutz_node.html
National Institute of Standards and Technology (NIST) (2002) Risk management guide for information technology systems (Special Publication 800-30), Technical Report
Google Scholar

Download references

Author information

Authors and Affiliations

Department of Computer Science, Warwick University, Coventry, CV4 7AL, UK
Jason R. C. Nurse & Jane E. Sinclair

Authors

Jason R. C. Nurse
View author publications
You can also search for this author in PubMed Google Scholar
Jane E. Sinclair
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Jason R. C. Nurse .

Editor information

Editors and Affiliations

The University of Hong Kong, Hung To Road, Hong Kong, 3739, China, People's Republic
Sio-Iong Ao
School of Engineering, Applied Mathematics and Computing, Cranfield University, Cranfield, MK43 0AL, Montserrat
Len Gelman

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Nurse, J.R., Sinclair, J.E. (2011). A Case Study Analysis of an E-Business Security Negotiations Support Tool. In: Ao, SI., Gelman, L. (eds) Electrical Engineering and Applied Computing. Lecture Notes in Electrical Engineering, vol 90. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-1192-1_18

Download citation

DOI: https://doi.org/10.1007/978-94-007-1192-1_18
Published: 07 June 2011
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-007-1191-4
Online ISBN: 978-94-007-1192-1
eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics