Security Issues in the Formation and Operation of Virtual Enterprises

Abstract. Enhancing security and trust has been identified as a key issue in making virtual enterprises reach their potential. Even though there is an array of security prob-lems associated with such collaborative alliances of companies, little work in this area has so far been done. In this paper, we provide a structured analysis of the threats fac-ing virtual enterprises, and suggest a set of possible security-enhancing mechanisms to mitigate those threats. We use the example of Plug and Play Business, which is a framework of integrated ICT-tools that support the formation and operation of virtual enterprises for inter-organizational and interoperable collaboration, to discuss the con-sequences of implementing these security features. 1 Introduction Virtual enterprises are a major trend in enterprise interoperability (Camarinha-Matos and Afsarmanesh, 2005), making it possible to configure cooperative settings in which different companies temporarily share their resources toward a common goal. A virtual enterprise may include a variety of entities (e.g., software, organizations and people) that are largely autonomous, geographically distributed, and heterogeneous in terms of their operating environment, culture, social capital, and goals. This puts demands on the interoperability, inter-organizational ability and security among the enterprises participating in a virtual enterprise (Camarinha-Matos and Afsarmanesh, 2005). The idea of dynamic, adaptable and collaborative virtual enterprises provides promising approaches to face the challenges of constantly changing markets. However, the key ques-tion is

[1]  Paul Davidsson,et al.  Categories of Artificial Societies , 2001, ESAW.

[2]  Wayne A. Jansen,et al.  Countermeasures for mobile agent security , 2000, Comput. Commun..

[3]  Hamideh Afsarmanesh,et al.  A Framework for Management of Virtual Organization Breeding Environments , 2005, PRO-VE.

[4]  Andreas Jacobsson,et al.  A Formal Analysis of Virtual Enterprise Creation and Operation , 2009 .

[5]  Charles P. Pfleeger,et al.  Security in computing , 1988 .

[6]  Andreas Jacobsson,et al.  Aligning Models of Normative Systems and Artificial Societies: Towards norm-governed behavior in virtual enterprises , 2007, Normative Multi-agent Systems.

[7]  William Stallings,et al.  Cryptography and Network Security: Principles and Practice , 1998 .

[8]  Ed Skoudis,et al.  Malware: Fighting Malicious Code , 2003 .

[9]  Paul Davidsson,et al.  On the potential of norm-governed behavior in different categories of artificial societies , 2006, Comput. Math. Organ. Theory.

[10]  Andreas Jacobsson,et al.  Security Aspects on Inter-organizational Cooperation Using Wrapper Agents , 2005, ATOP@AAMAS.

[11]  Andreas Jacobsson,et al.  The Concept and Technology of Plug and Play Business , 2006, ICEIS.

[12]  Hamideh Afsarmanesh,et al.  Elements of a base VE infrastructure , 2003, Comput. Ind..

[13]  J. van Leeuwen,et al.  Engineering Societies in the Agents World II , 2001, Lecture Notes in Computer Science.

[14]  Hamideh Afsarmanesh,et al.  Collaborative networks: a new scientific discipline , 2005, J. Intell. Manuf..

[15]  Paul Davidsson,et al.  Inter-Organization Interoperability in Transport Chains Using Adapters Based on Open Source Freeware , 2006 .

[16]  Elsabé Cloete,et al.  Classification of malicious host threats in mobile agent computing , 2002 .