-------- Original-Nachricht -------- Betreff: [WI] CfP - Special issue "Security and Privacy in Business Networking" of the Springer journal Electronic Markets Datum: Mon, 13 Feb 2012 15:43:40 +0100 Von: Stefan Sackmann stefan.sackmann@wiwi.uni-halle.de Antwort an: Stefan Sackmann stefan.sackmann@wiwi.uni-halle.de An: wi@aifb.uni-karlsruhe.de wi@aifb.uni-karlsruhe.de
Dear colleagues
we would like to draw your attention to the CfP for our special issue "Security and Privacy in Business Networking" of the Springer journal Electronic Markets.
Deadline for paper submission is May 16, 2012.
Final decision & notification to authors is scheduled for September 5, 2012.
For more details, please visit the Electronic Markets Website: http://www.electronicmarkets.org/news/call-for-papers-1/cfp-for-special-issu...
Kind regards
Stefan Sackmann.
=======================
Prof. Dr. Stefan Sackmann
Lehrstuhl für Wirtschaftsinformatik/
Betriebliches Informationsmanagement
Juristische und Wirtschaftswissenschaftliche Fakultät
Martin-Luther-Universität Halle-Wittenberg
Universitätsring 3
06108 Halle/Saale
Tel.: +49 345 55-23471
Fax : +49 345 55-27374
E-Mail: im@wiwi.uni-halle.de mailto:im@wiwi.uni-halle.de
URL: http://informationsmanagement.wiwi.uni-halle.de
=======================
Call for Papers for Special Issue on
"Security and Privacy in Business Networking"
*********************************************
Guest Editors
* Noboru Sonehara, National Institute of Informatics, Japan
* Hubert Österle, University of St.Gallen, Switzerland
* Stefan Sackmann, University of Halle-Wittenberg, Germany
* A Min Tjoa, Vienna University of Technology, Austria
Theme
The technological development of web services, middleware for distributed computing, or smart objects enables an on-demand and inter-organizational orchestration of ICT services to companies. Such ICT services, e.g. providing basic computing and storage resources, provide a sound basis for both flexible business processes and fast adaption on changes in business networks as well as in the physical environment. Thus, business networks are dangled with more flexibility at decreasing costs.
However, substituting "traditional" ICT infrastructure by ICT services means to ship data to the code. On the one side, the disclosure (and aggregation) of data means a fundamental principle and makes all the new ICT services possible. On the other side, the disclosure of digital content bears risks for business process and data owners since the content might be confidential or personal data at least partly. Thus, leveraging the ICT services is inherently connected with the risk of violating the main protection goals of IT security: confidentiality, integrity, and availability. Without providing adequate methods and tools for managing this risk to business networks, the enormous potential of ICT services is running into danger to remain unexploited.
Even though security policies allow describing responsibilities and rules for the execution of ICT services and the processing of disclosed data, at least two open issues remain:
- Ad (a) Controllability: Legal regulations, e.g. SOX, HIPAA, and data protection acts, define minimal security principles for business processes and processing of confidential data. Business process owners and data owners can provide security by traditional mechanisms, e.g. firewalls and identity management, as long as processes and data are processed within their security domain. However, by using external ICT services, the enforcement of security and compliance rules regarding external processing of data and execution of processes cannot be controlled any longer. Companies and customers have to trust external service providers that the rules are followed -- meaning risks to the security of the business processes and to the privacy of data.
- Ad (b) Threats by unexpected -- even if not unknown -- interferences: Technical failure, crime, terrorism, or natural disasters threaten correctness and availability of ICT services. When such a threat becomes reality, ICT should still provide its services. A main approach to sustain required services is the flexible adaptation of the underlying parts of the ICT infrastructure that are still available. Such flexibility premises integration of several separate security domains. While service-oriented computing facilitates spontaneous replacement of affected services, such a spontaneous replacement implies granting access to data and functions to an "outsider" and thereby making him or her an "insider". Hence, such flexibility opens an enormous potential of misuse placing enormous challenges on providing security and protecting privacy.
Topics
This special issue calls for original papers on methodologies, technologies, and best practices for solving problems of security and privacy in on-demand, inter-organizational ICT usage for business processes. Contributions from research and business practice on the following and related topics are invited:
Economics, methodologies, and best practices
* Business Continuity Plan and Business Continuity Management Business Resilience
* Critical Information Infrastructure Protection
* Dependability and Security
* Economics of Control
* Inter-organizational Risk Assessment and Management
Control mechanisms and technologies
* Anonymity and Encryption Techniques
* Inter-organizational Policy Enforcement
* Distributed Policy Management
* Detection and Identification of Anomalies in Service-Oriented Computing
* Relaxed Access Control Policies and Systems
* Resilience Networking
* Usage Control Mechanisms
Submissions for additional but related topics are welcome. Electronic Markets is a methodologically pluralistic journal. Quantitative and qualitative research methods are both welcome, as long as the studies are methodologically sound. Conceptual and theory-development papers, empirical hypothesis testing, and case-based studies are all welcome. All papers will be peer reviewed and should conform to Electronic Markets publication standards.
Submission
Submission of a manuscript implies: that the work described has not been published before; that it is not under consideration for publication anywhere else; that its publication has been approved by all co-authors, if any, as well as by the responsible authorities -- tacitly or explicitly -- at the institute where the work has been carried out. The publisher will not be held legally responsible should there be any claims for compensation. A submission must be in English and should consist of approximately 5,000 - at least 3,500 and at most of 6,000 - words. The template is available at http://www.eletronicmarkets.org. Articles must be submitted via the electronic submission system at http://elma.edmgr.com.
If you would like to discuss any aspect of the special theme, please contact the guest editors for the special issue.
Contact addresses
sonehara@nii.ac.jp
hubert.oesterle@unisg.ch
stefan.sackmann@wiwi.uni-halle.de
amin@ifs.tuwien.ac.at
or editors@electronicmarkets.org
Important deadline
* Submission Deadline: May 16, 2012
The CfP is available on https://www.electronicmarkets.org/news/call-for-papers-1/cfp-for-special-iss....
====================================================================
Electronic Markets - The International Journal on Networked Business
====================================================================
Editor-in-Chief: Prof. Hubert Oesterle, University of St. Gallen
Executive Editor: Karen Heyden, University of Leipzig
Editorial Office:
Electronic Markets - The International Journal on Networked Business
c/o Information Systems Institute University of Leipzig
04109 Leipzig, Germany
Phone +49 341 9733600
Fax +49 341 9733612
E-mail: editors@electronicmarkets.org
electronicmarkets.org
facebook.com/ElectronicMarkets
twitter.com/journal_EM
Electronic Markets is a SSCI-listed academic journal and published quarterly by Springer. ISSN: 1019-6781 (Paper) 1422-8890 (Online).