Sectet: an extensible framework for the realization of secure inter‐organizational workflows
Abstract
Purpose
This contribution aims to present the core components of a framework and illustrate the main concepts of a methodology for the systematic design and realization of security‐critical inter‐organizational workflows with a portion of a workflow‐scenario drawn from e‐government. It is additionally shown how the framework can be adapted to incorporate advanced security patterns like the Qualified Signature, which extends the concept of digital signature by requiring a natural person to sign.
Design/methodology/approach
The framework is based on a methodology that focuses on the correct implementation of security‐requirements and consists of a suite of tools that facilitates the cost‐efficient realization and management of decentralized, security‐critical workflows.
Findings
The framework has been prototypically validated through case studies from the healthcare and e‐government sector. Positive results in pilot applications with industrial partners encourage further steps: the set of supported security requirements is continuously extended (e.g. rights delegation, four eyes principle), a testing environment for industrial settings is being implemented, and the requirements for the efficient management of inter‐organizational workflows are being analysed systematically.
Practical implications
The framework caters to the needs of an industrial audience, in need of a cost‐efficient support for the systematic and correct realization of secure, inter‐organizational workflows.
Originality/value
The contribution provides a description of the Sectet framework. It is shown how it can be adapted to incorporate advanced security patterns like the Qualified Signature, which implement a legal requirement specific to e‐government.
Keywords
Citation
Hafner, M., Breu, R., Agreiter, B. and Nowak, A. (2006), "Sectet: an extensible framework for the realization of secure inter‐organizational workflows", Internet Research, Vol. 16 No. 5, pp. 491-506. https://doi.org/10.1108/10662240610710978
Publisher
:Emerald Group Publishing Limited
Copyright © 2006, Emerald Group Publishing Limited