Security of E-Procurement Transactions in Supply Chain Reengineering

Abstract

With the rapid rise of Business to Business (B2B) transactions over the Internet and the increasing use of e-procurement solutions by large organizations for purchasing, there is a need to reengineer current legacy supply chain management systems in order to integrate them with modern e-procurement systems. Security is a consistent and growing problem for e-commerce and procurement solutions. The result is an increasing demand for secure e-procurement transactions to ensure the confidentiality, integrity and availability of data. This research is a case study which evaluates the security of transactions for the integration of an e-procurement solution in a large organization. It addresses both business and technological issues by examining the current threat model, security policies, system architecture, and security controls, that have been implemented to ensure data integrity and confidentiality. Finally, a new model will be proposed for reengineering projects, that require the integration of e-procurement systems, which includes recommendations for improvements that will be benchmarked against common security designed principles.