Dear colleagues

 

we would like to draw your attention to the CfP for our special issue "Security and Privacy in Business Networking" of the Springer journal Electronic Markets.

 

Deadline for paper submission is May 16, 2012.

Final decision & notification to authors is scheduled for September 5, 2012.

 

For more details, please visit the Electronic Markets Website: http://www.electronicmarkets.org/news/call-for-papers-1/cfp-for-special-issue-on-security-and-privacy-in-business-networking.html

 

Kind regards

Stefan Sackmann.

 

=======================

Prof. Dr. Stefan Sackmann

 

Lehrstuhl für Wirtschaftsinformatik/

Betriebliches Informationsmanagement

Juristische und Wirtschaftswissenschaftliche Fakultät

Martin-Luther-Universität Halle-Wittenberg

Universitätsring 3

06108 Halle/Saale

 

Tel.: +49 345 55-23471

Fax : +49 345 55-27374

E-Mail: im@wiwi.uni-halle.de

URL: http://informationsmanagement.wiwi.uni-halle.de

=======================

 

 

 

Call for Papers for Special Issue on

 

"Security and Privacy in Business Networking"

*********************************************

 

Guest Editors

* Noboru Sonehara, National Institute of Informatics, Japan

* Hubert Österle, University of St.Gallen, Switzerland

* Stefan Sackmann, University of Halle-Wittenberg, Germany

* A Min Tjoa, Vienna University of Technology, Austria

 

Theme

 

The technological development of web services, middleware for distributed computing, or smart objects enables an on-demand and inter-organizational orchestration of ICT services to companies. Such ICT services, e.g. providing basic computing and storage resources, provide a sound basis for both flexible business processes and fast adaption on changes in business networks as well as in the physical environment. Thus, business networks are dangled with more flexibility at decreasing costs.

However, substituting “traditional” ICT infrastructure by ICT services means to ship data to the code. On the one side, the disclosure (and aggregation) of data means a fundamental principle and makes all the new ICT services possible. On the other side, the disclosure of digital content bears risks for business process and data owners since the content might be confidential or personal data at least partly. Thus, leveraging the ICT services is inherently connected with the risk of violating the main protection goals of IT security: confidentiality, integrity, and availability. Without providing adequate methods and tools for managing this risk to business networks, the enormous potential of ICT services is running into danger to remain unexploited.

Even though security policies allow describing responsibilities and rules for the execution of ICT services and the processing of disclosed data, at least two open issues remain:

- Ad (a) Controllability: Legal regulations, e.g. SOX, HIPAA, and data protection acts, define minimal security principles for business processes and processing of confidential data. Business process owners and data owners can provide security by traditional mechanisms, e.g. firewalls and identity management, as long as processes and data are processed within their security domain. However, by using external ICT services, the enforcement of security and compliance rules regarding external processing of data and execution of processes cannot be controlled any longer. Companies and customers have to trust external service providers that the rules are followed – meaning risks to the security of the business processes and to the privacy of data.

- Ad (b) Threats by unexpected – even if not unknown – interferences: Technical failure, crime, terrorism, or natural disasters threaten correctness and availability of ICT services. When such a threat becomes reality, ICT should still provide its services. A main approach to sustain required services is the flexible adaptation of the underlying parts of the ICT infrastructure that are still available. Such flexibility premises integration of several separate security domains. While service-oriented computing facilitates spontaneous replacement of affected services, such a spontaneous replacement implies granting access to data and functions to an “outsider” and thereby making him or her an “insider”. Hence, such flexibility opens an enormous potential of misuse placing enormous challenges on providing security and protecting privacy.

 

Topics

 

This special issue calls for original papers on methodologies, technologies, and best practices for solving problems of security and privacy in on-demand, inter-organizational ICT usage for business processes. Contributions from research and business practice on the following and related topics are invited:

 

Economics, methodologies, and best practices

* Business Continuity Plan and Business Continuity Management Business Resilience

* Critical Information Infrastructure Protection

* Dependability and Security

* Economics of Control

* Inter-organizational Risk Assessment and Management

 

Control mechanisms and technologies

* Anonymity and Encryption Techniques

* Inter-organizational Policy Enforcement

* Distributed Policy Management

* Detection and Identification of Anomalies in Service-Oriented Computing

* Relaxed Access Control Policies and Systems

* Resilience Networking

* Usage Control Mechanisms

 

Submissions for additional but related topics are welcome. Electronic Markets is a methodologically pluralistic journal. Quantitative and qualitative research methods are both welcome, as long as the studies are methodologically sound. Conceptual and theory-development papers, empirical hypothesis testing, and case-based studies are all welcome. All papers will be peer reviewed and should conform to Electronic Markets publication standards.

 

Submission

Submission of a manuscript implies: that the work described has not been published before; that it is not under consideration for publication anywhere else; that its publication has been approved by all co-authors, if any, as well as by the responsible authorities – tacitly or explicitly – at the institute where the work has been carried out. The publisher will not be held legally responsible should there be any claims for compensation. A submission must be in English and should consist of approximately 5,000 - at least 3,500 and at most of 6,000 - words. The template is available at http://www.eletronicmarkets.org. Articles must be submitted via the electronic submission system at http://elma.edmgr.com.

If you would like to discuss any aspect of the special theme, please contact the guest editors for the special issue.

 

Contact addresses

 

sonehara@nii.ac.jp

hubert.oesterle@unisg.ch

stefan.sackmann@wiwi.uni-halle.de

amin@ifs.tuwien.ac.at

or editors@electronicmarkets.org

 

Important deadline

* Submission Deadline: May 16, 2012

 

The CfP is available on https://www.electronicmarkets.org/news/call-for-papers-1/cfp-for-special-issue-on-security-and-privacy-in-business-networking.html.

 

====================================================================

Electronic Markets - The International Journal on Networked Business

====================================================================

Editor-in-Chief: Prof. Hubert Oesterle, University of St. Gallen

Executive Editor: Karen Heyden, University of Leipzig

 

Editorial Office:

Electronic Markets - The International Journal on Networked Business

c/o Information Systems Institute University of Leipzig

04109 Leipzig, Germany

Phone +49 341 9733600

Fax +49 341 9733612

E-mail: editors@electronicmarkets.org 

electronicmarkets.org 

facebook.com/ElectronicMarkets  

twitter.com/journal_EM   

 

Electronic Markets is a SSCI-listed academic journal and published quarterly by Springer. ISSN: 1019-6781 (Paper) 1422-8890 (Online).