Abstract
Active collaboration is undoubtedly one of the most important aspects within e-business. In addition to companies collaborating on ways to increase productivity and cut costs, there is a growing need for in-depth discussion and negotiations on their individual and collective security. This paper extends previous work on a tool aimed at supporting the cross-enterprise security negotiations process. Specifically, our goal in this article is to briefly present a case study analysis and evaluation of the usage of the tool. This provides further real-world insight into the practicality of the tool and the solution model which it embodies.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
PricewaterhouseCoopers LLP. Information Security Breaches Survey 2010 [Online]. Available: http://www.pwc.co.uk/eng/publications/isbs_survey_2010.html
Tiller JS (2005) The ethical hack: a framework for business value penetration testing. Auerbach Publications, Boca Raton
Nurse JRC, Sinclair JE (2009) BOF4WSS: a business-oriented framework for enhancing web services security for e-Business. In: 4th International Conference on Internet and Web Applications and Services. IEEE Computer Society, pp 286–291
Nurse JRC, Sinclair JE (2009) Securing e-Businesses that use web services—a guided tour through BOF4WSS. Int J Adv Internet Technol 2(4):253–276
Steel C, Nagappan R, Lai R (2005) Core security patterns: best practices and strategies for J2EETM, web services and identity management. Prentice Hall PTR, Upper Saddle River
Gutierrez C, Fernandez-Medina E, Piattini M (2006) PWSSec: process for web services security. In: IEEE International Conference on Web Services, pp 213–222
Nurse JRC, Sinclair JE (2010) A solution model and tool for supporting the negotiation of security decisions in e-business collaborations. In: 5th International Conference on Internet and Web Applications and Services. IEEE Computer Society, pp 13–18
Nurse JRC, Sinclair JE (2010) Evaluating the compatibility of a tool to support e-businesses’ security negotiations. In: Lecture notes in engineering and computer science: Proceedings of the World Congress on Engineering 2010, WCE 2010, London, UK, pp 438–443
Yau SS, Chen Z (2006) A framework for specifying and managing security requirements in collaborative systems. In: Yang LT, Jin H, Ma J, Ungerer T (eds) Autonomic and trusted computing, ser. lecture notes in computer science, vol 4158. Springer, Heidelberg, pp 500–510
Todd M, Zibert E, Midwinter T (2006) Security risk management in the BT HP alliance. BT Technol J 24(4):47–52
Nurse JRC, Sinclair JE (2009) Supporting the comparison of business-level security requirements within cross-enterprise service development. In: Abramowicz W (ed) Business information systems, ser. lecture notes in business information processing, vol 21. Springer, Heidelberg, pp 61–72
DCSSI (2004) Expression des besoins et identification des objectifs de securite (EBIOS)—Section 1–5, Secretariat General de la Defense Nationale. Direction Centrale de la Securitec des Systecmes D’Information, Technical Report
den Braber F, Braendeland G, Dahl HEI, Engan I, Hogganvik I, Lund MS, Solhaug B, Stolen K, Vraalsen F (2006) The CORAS model-based method for security risk analysis. SINTEF, Technical Report
Federal Office for Information Security (BSI). IT-Grundschutz Manual [Online]. Available: https://www.bsi.bund.de/EN/Topics/ITGrundschutz/itgrundschutz_node.html
National Institute of Standards and Technology (NIST) (2002) Risk management guide for information technology systems (Special Publication 800-30), Technical Report
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer Science+Business Media B.V.
About this chapter
Cite this chapter
Nurse, J.R., Sinclair, J.E. (2011). A Case Study Analysis of an E-Business Security Negotiations Support Tool. In: Ao, SI., Gelman, L. (eds) Electrical Engineering and Applied Computing. Lecture Notes in Electrical Engineering, vol 90. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-1192-1_18
Download citation
DOI: https://doi.org/10.1007/978-94-007-1192-1_18
Published:
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-007-1191-4
Online ISBN: 978-94-007-1192-1
eBook Packages: EngineeringEngineering (R0)