Security of E-Procurement Transactions in Supply Chain Reengineering

Juliette Stephens,Raul Valverde

doi:10.5539/cis.v6n3p1

Abstract

With the rapid rise of Business to Business (B2B) transactions over the internet and the increasing use of e-procurement solutions by large organizations for purchasing, there is a need to reengineer current legacy supply chain management systems in order to integrate them with modern e-procurement systems. Although there is a great deal of research in the area of integration with e-procurement systems, there is little attention for security aspect of this integration that responds to the need for accurate and secure information exchange has become essential to doing business. Security is a consistent and growing problem for e-commerce and procurement solutions. As the number and frequency of security violations continues to rise, there is a corresponding dependence on information technology to drive business value, which in turn increases the importance and criticality of transaction data. The result is an increasing demand for secure e-procurement transactions to ensure the confidentiality, integrity and availability of data. Secure transactions are essential if organizations are to fully realize the benefits of e-procurement which include increased productivity, lower purchasing pricing, streamlined processes, reduced order fulfillment time and greater budgetary control; all of which can contribute to increasing an organization’s competitive advantage. This research is a case study which evaluates the security of transactions for the integration of an e-procurement solution in a large organization. It addresses both business and technological issues by examining the current threat model, security policies, system architecture, and security controls that have been implemented to ensure data integrity and confidentiality. Finally, a new model will be proposed for reengineering projects that require the integration of e-procurement systems which includes recommendations for improvements that will be benchmarked against common security designed principles.

Highlights

E-Procurement, the electronic support of the professional buying process, which addresses the relationship of a business to its suppliers, is on the rise (Tanner et al, 2008)
With the rapid rise of Business to Business (B2B) transactions over the internet and the increasing use of e-procurement solutions by large organizations for purchasing, there is a need to reengineer current legacy supply chain management systems in order to integrate them with modern e-procurement systems
There is a great deal of research in the area of integration with e-procurement systems, there is little attention for security aspect of this integration that responds to the need for accurate and secure information exchange has become essential to doing business

Summary

Introduction

E-Procurement, the electronic support of the professional buying process, which addresses the relationship of a business to its suppliers, is on the rise (Tanner et al, 2008). E-Procurement is on the rise and it is said to be one of the most efficient ways to conduct business. This evidenced by studies showing that organizations are spending as much as 50 to 60% of total revenue on e-procurement activities e-Procurement is generating great excitement because of its potential to reduce procurement costs and improve strategic sourcing (Subramaniam & Shaw, 2002). With increasing use of reengineering projects including third party e-procurement solutions, concerns over the security and confidentiality of data exchanged in electronic environments has become a prominent issue (Angeles & Nath, 2007). As competition on the internet grows, companies seek to obtain as much information as possible from competitors (i.e. knowledge about competitors, prices, products, customers) by using various methods that threaten data security and help them gain an unfair advantage. Mohammadi et al (2012) conducted a study that revealed that the improvement in supply chain capabilities through IT allows the firm to learn and www.ccsenet.org/cis

Methods

Results

Conclusion