S. Nachtigal
Royal Holloway, University of London
Egham, Surrey TW20 0EX, UK
C. J. Mitchell
Royal Holloway, University of London
Egham, Surrey TW20 0EX, UK
e-business, information security model, business process, information flows, perimeter security.
Organisations (enterprises, businesses, government institutions, etc.) have changed their way of doing busi-
ness from a traditional approach to embrace e-business processes. This change makes the perimeter security
approach inappropriate for such organisations. The well-known and widely used security mechanisms, in-
cluding cryptography-based tools and techniques, cannot provide a sufficient level of security without being a
part of a comprehensive organisational approach/philosophy. This approach must be different from the current
dominant approach, i.e. perimeter security, and must focus on different organisational components. In this
paper we suggest a process security approach, and describe ongoing research with the aim of developing an
e-business security model based on this new, process security, approach.
The way in which business is conducted is going
through a very significant change. E-business, a new
and different way of running a business, is a subject
of growing importance both for the business and the
academic world.
The business world has adopted information tech-
nology since the very early stages of computer his-
tory. From mainframes, through minicomputers, PCs
and LANs, to WANs and EDI all these tech-
nologies (combining hardware, software, databases
and telecommunications) provide a company with the
means to enhance its internal operations. Informa-
tion technology has changed significantly since the
introduction of computers, while these technology
changes have impacted business practice to a great
extent (Oz, 2000). In value chain/supply chain terms,
information technology has helped to improve the ef-
ficiency of company supply chains (Poirier and Bauer,
2001); WANs and EDI were the first technologies
adopted to improve external operations by provid-
ing communications with the business environment
(mostly suppliers), and actually extending the supply
In today’s technology intensive reality, the oppor-
tunity of adding value to the firm’s supply chain can
be achieved by making more and more business func-
tions ‘electronic’. In technological terms, this is
achieved by introducing increasing numbers of infor-
mation systems and information technologies into en-
terprise business processes and between business pro-
cesses. In other words, this is achieved by networking
the business functions inside the organisation, and be-
tween the organisation and its environment. The In-
ternet infrastructure and Internet-based technologies
make it possible for organisations to perform all busi-
ness connections electronically not just with sup-
pliers and customers, but also with financial insti-
tutions, government bodies, potential suppliers, po-
tential customers, partners, competitors, etc. Use of
Internet-based technologies implies the existence of a
Web-site as a means of enabling electronic business
(Poirier and Bauer, 2001).
In practice, it is possible to transform the sup-
ply chain to an electronic form either partly or com-
pletely, while operating as an e-business organisa-
tion. By doing so, the traditional supply chain be-
comes a supply network. More than that, by introduc-
ing advanced information technologies into the sup-
ply chain, the supply chain becomes, according to
Porter’s model (Porter, 1980), a value chain i.e.,
a value network or electronic value network.
Given the above discussion, in this paper (and in
the research it is related to) an e-business (e-biz) or-
ganisation is defined as:
Nachtigal S. and J. Mitchell C. (2006).
In Proceedings of the International Conference on Security and Cryptography, pages 459-464
DOI: 10.5220/0002103404590464
a ‘Business that performs its supply chain ac-
tivities by means of Internet-based Information
Technologies through integration, cooperation
and interaction of its and others supply chain par-
ticipants’ webs, and by doing that actually cre-
ates a Portals Value Network (PVN).
(It should be emphasised that the research de-
scribed below distinguishes between the terms ‘e-
business’ and ‘e-commerce’. Since we have al-
ready defined the term ‘e-business’, the distinction
should be clear: the term ‘e-commerce’ refers only
to the activities of buying /selling products. Hence e-
commerce is just a part of e-business. The subject of
concern here is ‘e-business’).
Based on our definition, from a business point
of view, e-business is the integration of processes,
systems and enterprises, while from a technological
point of view, e-business is the collection and inte-
gration of IT concepts and tools. E-business means
that the entire enterprise becomes an e-enabled or-
ganisation. The e-biz approach to performing busi-
ness transactions implies using information technolo-
gies (especially communication technology) through-
out the business supply chain. In fact the electronic
supply chain might be different for each organisation
that practices e-business depending on the num-
ber and type of organisations that the company has
business relationships with. New threats and prob-
lems arise while using Internet technology in gen-
eral, and especially when a company adopts the e-
biz mode. E-biz involves performing business inter-
actions (in other words, transmitting documents, i.e.
data flow) between organisation portals by means of
Internet technology.
Academic research, while interacting with the busi-
ness world, contributes to mutual efforts to solve field
problems. In the case of e-biz, both business and
academia are challenged to provide solutions, since
e-biz is relatively new, and also very beneficial for
various aspects of modern life. As an integration of
business and technology, e-biz faces significant diffi-
culties and problems. This paper describes ongoing
research related to probably the most significant of
these problems, namely security.
The uniqueness, and the danger, in e-biz is its ‘open-
ness’ to the environment, and the various connections
and communication channels with the external world.
As a result of that ‘openness’, an enterprise that prac-
tices e-biz is exposed to a wide range of threats, i.e.
factors that expose the enterprise to a danger of suffer-
ing from loss, both tangible (e.g. monetary loss) and
non-tangible (e.g. reputation).
An e-biz process is subject to all the benefits
and disadvantages that the technologies imply. The
vast majority of the technology-related disadvantages
are information security related while perform-
ing a process by means of IT, threats such as sensi-
tive (business and private) information disclosure and
theft, industrial espionage, electronic fraud, business
failures due to technological (hardware, software or
communication) failures, viruses, spyware, adware,
phishing, DDoS, impersonation should be considered.
The harm to an enterprise may come from different
sources and by different means— the attacks could
include technology-based tools and methods as well
as social engineering methods.
As IT becomes more and more user-friendly, it also
becomes much more accessible by a wider popula-
tion. The potential sources of security threat sources
are becoming more technology-literate and sophisti-
cated. Although the threats are growing, countermea-
sures are being constantly improved, and new tech-
niques are being applied to secure corporate busi-
ness information; currently, security countermeasures
include hardware and software-based tools and also
powerful cryptographic mechanisms. So, there are in-
creases both in the technological sophistication of the
attackers and in protection methods and power.
However, attackers continue to look for alternative
methods of accessing corporate information. This has
given rise to different kind of threats, based on so-
cial engineering methods, that in the vast majority of
cases have nothing to do with information technology
Corporate information systems security has been
dominated by ‘traditional’ security considerations for
many years. According to the traditional information
security model, security is achieved by providing a
security perimeter, designed to protect the company’s
boundaries from the external world (Kis, 2002). The
vast majority of existing business information sys-
tems have been, and are still being, designed and built
according to the perimeter security paradigm. The
goal is to prevent malicious/non-authorised users and
applications from accessing the company and its var-
ious business functions. A wide variety of tools and
mechanisms have been (and are still being) developed
to support corporate security based on this perimeter
security approach.
In this approach, information systems security is
provided on the basis of a trust hierarchy, by which
the internal users (i.e. the company’s employees) are
automatically assigned a maximal level of trust, while
everyone trying to enter the business from the exter-
nal world is assigned a minimal level of trust, if at
all. This approach has a number of shortcomings, in-
cluding the basic assumption that employees can be
trusted (according to CSI’s 2004 statistics, at least
66% of all security incidents are due to employee ac-
tions, performed either deliberately or by error (CSI,
2005)). Moreover, the concept of ‘closed borders’
fits LAN and/or WAN based activities, but does not
fit so well to Internet-based business operations, and
breaks down completely once one considers mobile
and wireless access to corporate networks.
The traditional business models for information
systems security are thus no longer appropriate, and
fit neither the new organisational environment nor the
new organisational security needs. The old approach
does not distinguish between different applications
with different levels of sensitivity running in the busi-
ness. The different mobile devices, which are poten-
tially widely used in e-biz activities, are at great risk
and could not been given a high trust level, even if
the users are trusted employees. The other problem
is the absence of a standard security infrastructure in
the form of end-to-end protocols: “it is too easy to
steal or tamper with the devices, and the digital keys
are stored at gateways rather than on the device” is a
familiar refrain.
Indeed, we note certain recent developments re-
garding application security some commercial se-
curity companies have made a declaration on their
new products for application security, while distin-
guishing between different security needs based on
different sensitivity levels. However, there is still no
solution for the security needs resulting from busi-
ness transactions performed via the Internet between
the portals of different participants within the PVN
community. An e-biz company must give access to
its internal various business functions to the external
business world, in order for e-biz to work. A com-
prehensive security solution for such a company must
combine both internal and external information secu-
rity. The task of providing security to the information
systems of such a business mainly involves providing
security for the information transmitted between the
company and the other participants of a specific PVN
that enables specific e-biz transactions.
This novel task has arisen from the very definition
of an e-biz company, and means that e-biz is primarily
concerned with protecting information flows. As a re-
sult, in this paper we focus purely on the information
flows between a company and its PVN participants;
we analyse the security requirements resulting from
such flows in order to obtain an information systems
security model appropriate to e-biz business needs.
E-business (including e-commerce) is the subject of
a huge volume of ongoing research. Some of this
relates to e-business information security, and just a
small part (with regard to information security) re-
lates to business process and/or information flows.
McLean (McLean, 1990) has developed a flow-based
security model, FM, which is used as a standard
for comparing with other security models. A new
approach (Sabelfeld and Myers, 2003) was recently
developed for specifying and enforcing information
flow policies, since, according to the authors, stan-
dard security practices are not capable of enforcing an
end-to-end confidentiality policy. Other work (Knorr
and Rohrig, 2001) identifies security requirements of
electronic processes. A discussion of e-business pro-
cess modelling (Aissi et al., 2002) offers the building
blocks required for e-business automation, while ad-
dressing the fragmentation of security requirements
as the biggest challenge for Web services.
There is a growing general awareness of the fail-
ings of the perimeter security approach (especially
for e-business). Professional individuals and groups
(such as the Jericho Forum
) have called for an al-
ternative approach, while suggesting a variety of so-
lutions. The objective of this paper is to introduce
such a new approach, namely a business-processes
oriented security model, to e-business enterprise secu-
rity. This new approach is based on an e-biz core char-
acteristic of performing business functions by means
of electronic data and information flows.
A process, as commonly defined, is the conver-
sion/transformation of a certain entity (tangible or
non-tangible) from one form to another while under-
going a series of actions (Laudon and Laudon, 1998).
A business process can be defined as a certain se-
quence of activities that transforms inputs from dif-
ferent suppliers into outputs to selected customers
(Smith and Fingar, 2003a).
Two universal macro-level modules are present
in any business organisation, namely operations and
management. The operations module is the most ba-
sic; without operations (i.e. processes) there is no
management, and there is actually no organisation.
No organisation is able to function as a vital active
unit without properly performing its processes. A
process can be described by mapping all the docu-
ments carrying the data relevant to the process. An e-
biz process is based on a set of information/data flows
that enable its existence. In practice, the only way
to perform an e-biz process is to transmit documents
over electronic channels, using the specific technolo-
gies making up the infrastructure that enables busi-
ness communications.
The existence of the company is dependent (in the
case of e-biz) on the functionality of these electronic
channels (e.g. the functionality of the Internet-related
technologies) and the information they carry, while
the importance of information quality and functional-
ity is becoming a critical factor for all e-biz compa-
nies. Major parts of documents (if not all of them)
include sensitive information; in any case, in order to
ensure that the functionality of the business proceeds
according to plan, all the business data and informa-
tion (both transmitted and stored) should be protected.
This leads us to a conclusion that for an e-biz com-
pany to function properly (and to function at all) its
business processes have to be secured.
Smith and Fingar (Smith and Fingar, 2003a) distin-
guish three different characteristics related to business
state the value of calculations performed, and
the amount of information collected and generated
during the execution of the process;
capability the activities and relationships of
communications established between the partici-
pants at any stage of the process;
design the intentional characteristics of the pro-
cess, put in place during the design of the process.
Smith and Fingar (Smith and Fingar, 2003a) use these
process characteristics to link business management
and business technology. Dynamics is a significant
characteristic of a modern business not just the
process itself, but also the relationships between the
processes and even the channels of executing the pro-
cesses. A business process, as defined above, in prac-
tice occurs by transforming documents between sta-
tions involved in a specific series of actions in order
to complete a specific mission. Documents contain
data essential to perform each one of the procedural
stages of a specific process. In other words, we use
documents as a convenient way of carrying data.
Focusing on business process security appears to
be a rational approach that complies with the most
basic definition of ‘organisation’ in respect of its per-
formance on a daily basis. Without processes there is
no business, so providing security to an e-biz process
simply enables the existence of such a business.
Existing security tools and mechanisms, developed
upon the traditional perimeter security concept, and
based on hardware and software products, including
cryptography, are not sufficient since they do not re-
late to specific parameters that characterise the busi-
ness process. This paper presents ongoing research
that introduces a novel approach to securing business
information systems by focusing on business pro-
An e-biz company must give access from the ex-
ternal business world to its internal various business
functions, because only in that way can the e-biz
mode be valid. A comprehensive security solution for
such a company must combine both internal and ex-
ternal information security. The task of providing se-
curity for the information systems of such a business
is mainly concerned with providing a security solu-
tion to the information transmitted between the com-
pany and the other participants of a specific PVN that
enables specific e-biz transactions. This task is a new
one that has been arisen from the definition of an e-biz
company, and becomes the primary focus of e-biz se-
curity. As a result, the research described here will be
limited to that task only; that is the information flows
between the company and its PVN participants will
be analysed in order to obtain an information systems
security model appropriate to e-biz business needs.
As stated above, a process is associated with doc-
uments transmitted between the different stations of
that process. This is why the best way to present a
process is by presenting the information involved (i.e.
that produced, transmitted and stored) in the process.
The business processes could be identified by describ-
ing the business functions of which the processes are
a part. However, when considering an e-biz process,
there are number of rather unique features of this spe-
cific kind of a business process. Even the semantics of
the widely used concept of workflow cannot be used
for modeling the majority of e-biz processes, because
of the great degree of mobility associated with e-biz
activities (Smith and Fingar, 2003a). There is a for-
mal theory of mobile processes, namely Pi-Calculus
as developed by Milner. Most, if not all, processes
are associated with the mobility feature see (Mil-
ner, 1999) and (Smith and Fingar, 2003b).
The ‘mobility’ concept seems to be one of the most
significant properties of e-biz process; it refers to the
way information is exchanged among the participants
in a process, and the changes in their relationships as
the process evolves during execution. In fact, in the
business environment, all the processes may/should
be considered as mobile processes (Smith and Fingar,
As stated before, an e-biz organisation runs its busi-
ness differently to a traditional firm. Its business pro-
cesses are an integration of sequences and sets of in-
formation flows. (The concept of analysing informa-
tion flows has been used by McCumber in his Mc-
Cumber Cube approach (McCumber, 2005), while
dealing with mapping information flow states and in-
troducing the concept of 3-states information exis-
This paper introduces a different direction for in-
formation flow analysis. In order to define the e-biz
functions and processes, a detailed description of the
well known traditional business functions and pro-
cesses is performed. Any process is viewed as being
comprised of a set (potentially a very complex one)
of specific information flows. All the processes of the
organisation, and the relevant information flows as-
sociated with them, are described, and the results are
summarised by means of an Information by Processes
Table (IbPT).
In order to secure a business process, not only do
its information flows need to be secured, but also all
the data stores that serve these information flows. In
order to operate properly, e-biz relies on a vast va-
riety of data to support the organisation’s activities.
Besides all the business data and information stores,
there are also stores (packages) of specific computer
system data, needed for system execution or produced
by the system.
All the processes, together with the associated in-
formation flows, databases and the set of various busi-
ness (operational and management) parameters which
characterise the processes, are evaluated and the final
model is formulated. The relationships between the
model components will be defined following the test
phase of the research.
Organisations are constantly investing in information
technology, and in business information systems se-
curity in particular. These security expenditures have
constantly increased over the last few years (CSI,
2005). The expenditure is mostly on widely used se-
curity tools such as firewalls, antiviruses, VPNs, en-
crypted channels, etc. Although the tools are effective
to a certain extent, there are objective shortcomings
related to all existing security tools and mechanisms:
1. they solve just the technical side of the security
2. the acquisition of those tools and mechanisms is
not based on any analytical model, since corporate
management is not supported by any such analyti-
cal model in their decision-making.
According to the traditional perimeter security ap-
proach, security tools are used in order to protect or-
ganisations by preventing certain types of activities
(Holden, 2003) — which potentially results in a cum-
bersome and non-intuitive business environment for
the employees. The security ‘arms race’ is a never-
ending process, since the threats and risks are con-
stantly growing, and the organisation management
never knows how much security is enough to pre-
vent unauthorised access into the business. The re-
sult, again, is the imposition of limitations on em-
ployee operational capabilities (e.g. they are forced
to perform certain business operations in a particular,
highly complex way, at certain hours, certain work-
stations, etc.).
The new approach suggested here, and the model
which comes with it, is designed to to enable business
instead of prevent business by abandoning the con-
cept of borders (which are no longer relevant for an
e-biz company) and providing decision makers with
security measures based on business process specifi-
cations. This is a rational and, therefore, useful tool
since the most important thing for the organisation
is that its business processes are performed properly.
The model will make possible the planning of both
the business security measures and the security man-
agement process itself.
Because of the nature of the discipline (information
systems security) and the research target, it has been
decided to apply a heuristic case study method in this
research (Myers, 1997). Four different Case Studies
will be performed, for the following reasons.
Any e-biz firm has to decide upon its business
model, a new and different model to that applying to
a traditional type of business. E-business models can
be grouped and classified into two categories (Apple-
gate, 2002) — the classification should be made on a
basis of separation between two kinds of companies:
Digital businesses firms that are built and
launched on the Internet;
Businesses that provide the platform upon which
digital businesses are managed and operated.
Gloor (Gloor, 2000) gives a more detailed classi-
fication of the models suggested by Malone (cited in
(Gloor, 2000)). Malone distinguishes between four
fundamentally different types of models for e-biz:
Creators producers of goods (physical or infor-
mation) such as General Electric, Cisco, Dell, Mi-
crosoft, and on-line versions of newspapers.
Distributors companies that distribute and/or
supply the goods, such as electronic shops for
books or music (the most representative example
is Amazon).
Brokers companies that act as intermedi-
aries, such as on-line auctioneers, travel agen-
cies (eBay, Netaction and Olsale, Thelastminute,
the90minute), are examples of this type of e-biz.
Extractors these are companies that exist only
on Internet, operate as portals, and whose business
model is based on advertising revenue. Typical ex-
amples are Yahoo and Google.
This classification is generic enough and, indeed, in-
cludes all kinds of organisations acting as an e-biz.
Based on the discussions in previous sections, the
next phase of this research with regard with develop-
ment methodology will include the following:
1. The choice of four different e-biz firms, one for
each of the following types of e-biz models:
Each of these chosen companies will be used as a
Case Study.
2. Each of the Case Studies will be analysed, covering
full process description;
full information flow description;
relevant databases;
security analysis;
business issues (strategies, policies, etc.).
3. The data will be analysed (the structured data will
be also processed) and discussed.
4. Based on the case study findings, a ‘process secu-
rity’ model will be developed and formulated.
5. The model (models) will be implemented on the
case study firms.
Although there is a wide range of technological secu-
rity tools, there is still no solution for security needs
resulting from the business transactions performed,
via the Internet, between the portals of the partici-
pants making up the PVN community. Such a solu-
tion will potentially be very useful for organisations
which practice e-business activity, as discussed above.
Any e-biz organisation will be equipped with a tool
(model) which will enable rational economic security
Additional benefits will come in form of the infor-
mation acquired during the research phases of testing
the models, i.e. the data collected from the case stud-
ies. These could lead to additional possible research
results. Initially, this data will be used to follow-up
the case-study organisations in order to analyse the
impact of the suggested model in the middle and long
Further, a map of business processes with the asso-
ciated information flows, which will be one of the by-
products of this research, could be a useful basis for
analysing the actual need of various security tools and
measures (in terms of types, amounts, goals, crypto-
graphic strength, etc.), related to a specific business
process rather than the whole corporation.
Aissi, S., Malu, P., and Srinivasan, K. (2002). E-business
process modeling: The next big step. Computer,
Applegate, L. M. (2002). E-Business Handbook. The St.
Lucie Press.
CSI (2005). 2004 CSI/FBI Computer Crime and Security
Survey. Computer Security Institute.
Gloor, P. (2000). Making the e-Business Transformation.
Springer-Verlag, London.
Holden, G. (2003). Guide to Network Defense and Coun-
termeasures. Thomson Learning, Course Technology.
Kis, M. (2002). Information security antipatterns in soft-
ware requirements engineering. Permission is granted
to copy for the PLoP 2002 conference.
Knorr, K. and Rohrig, S. (2001). Security requirements
of e-business processes. In Schmid, B., Stanoevska-
Slabeva, K., and Tschammer, V., editors, Towards the
E-Society: First IFIP Conference on E-Commerce,
E-Business, and E-Government; Zurich, Switzerland,
Oct. 4-5, 2001, pages 73–86. Kluwer Academic Pub-
lishers, Norwell, MA.
Laudon, K. C. and Laudon, J. P. (1998). Information Sys-
tems and the Internet. Dryden Press, 4th edition.
McCumber, J. (2005). Assessing and Managing Security
Risk in IT Systems. Auerbach Publications.
McLean, J. (1990). Security models and information flow.
Milner, R. (1999). Communicating and Mobile Systems.
Cambridge University Press.
Myers, M. D. (1997). Qualitative research in information
systems. MIS Quarterly, 21(2):241–242.
Oz, E. (2000). Management Information Systems. Thomson
Learning, Course Technology.
Poirier, C. C. and Bauer, M. J. (2001). E-Supply Chain.
Berrett-Koehler Publishers, Inc.
Porter, M. (1980). Competitive Strategy. Free Press, USA.
Sabelfeld, A. and Myers, A. C. (2003). Language-based
information-flow security. IEEE Journal on Selected
Areas in Communications, 21(1):5–19.
Smith, H. and Fingar, P. (2003a). Business Process Man-
agement: The Third Wave. Meghen-Kiffer Press.
Smith, H. and Fingar, P. (2003b). Workflow
is just a Pi process. Possibly available at