Skip to Content

We proudly organised the WSNSCM workshop related to the integration of Wireless Sensor Networks into Supply Chain Management systems. This workshop has been held jointly with the NetWare conference, in Saint Laurent du Var, France, from the 21st to the 27th of August. (http://www.iaria.org/conferences2011/WSNSCM.html).

With the growing pressure from regulations to enhance security, while needing to control and lower the costs, Supply Chain Management (SCM) has to face an end-to-end problematic: the proper modeling of complete supply chain, while including relevant security requirements, and leveraging real world information to both assess the security level and enforce the security requirements. In this context, sensors and RFIDs appear as an important assets for securing and optimizing of Supply Chain Management Systems. We have already identified important challenges that need to be addressed, and this will allow us to drive this workshop towards a constructive outcome, as listed on the topics:

These challenges require identified experts from fields which are not necessarily correlated (SCM and WSNs). Our workshop will close this gap. These issues are also inline with the EU roadmap, with their planned call for proposals in 2012 for a 40 M euros research demonstration project on this topic.

The WSNSCM workshop provides a constructive environment to reach a stimulating and productive interaction between researchers and industrial partners who work on very different aspects for the integration of WSNs and RFIDs for secure SCMs. The workshop intended to identify issues, methodologies and directions for future research, together with experience of industrial partners and encourage cooperation in this areas.

The three following publications attracted our attention:

1. Trabelsi S. and Boasso L., The KPI-Based Reputation Policy Language 

 Trust  policy  languages  are  implemented  to  express the  trust  requirements  of  the  users.  These  requirements  are represented by a set of rules specifying the necessary conditions that should be fulfilled by an entity in order to gain the trust of the  evaluator.  Most  of  the  known  trust  policy  languages  are designed  to  express  credential,  authorization  and  access  control requirements  for  the  trust  establishment.  The  credential  based approach  represents  only  one  aspect  of  trust.  The  other  main aspects like reputation and recommendation are  not covered  by these  policy  languages.    In  this  paper  we  propose  a  new  policy language   for   expressing   trust   requirements   for   reputation models, and particularly for the KPI-based reputation model in a supply chain scenario.

 

2. Khalfaoui M. and Elkhiyaoui K. and Molva R., Privacy Preserving Products Tracking in Clustered Supply Chain

One  of  the  main  applications  of  supply  chain management is product tracking. We define it as tracing the product path along the supply chain. In this paper, we propose a  solution  to  track  the  product  while  preserving  the  privacy of  the  supply  chain  actors  involved  and  the  path  traced. More  precisely,  this  solution  allows  to  identify  which  path a  product  has  taken  in  the  supply  chain,  without  disclosing sensitive information. To allow product tracking, the product are attached to a sensor node. This latter stores a trace of the product  path  along  the  supply  chain.  The  trace  is  computed using polynomial based signature techniques. We restrict the visibility  of  the  manager  of  the  supply  chain  by  organizing the supply  chain  facilities into clusters. Also,  we encrypt the path traces to ensure security against adversaries. To perform access control in the sensor nodes we use randomized Rabin scheme which is known for being efficient and lightweight. In this  paper,  sensor  nodes  are  not  required  to  perform  heavy computation,  which  makes  our  solution  feasible.  The  main achievement of this work is a cryptographic mechanism that allows to the supply chain manager to trace the supply chain entities  that  product  went  through,  without  disclosing  the identity of those entities.

3. Serme G. and Idrees M.S. Adaptive, Security on Service-based SCM Control System

On  a  large-scale  application  subject  to  dynamic interactions, the description and enforcement of security rules are  complex  tasks  to  handle,  as  they  involve  heterogeneous entities that do not have the same capabilities. In the context of SCM-application for example, we have different goods that are being transported across different systems. At one point, items  and  systems  communicate  together  to  signal  presence, report  issues  during  transport,  certify  validity  of  previous checks,  etc.  Security  capabilities  of  the  involved  parties  are heterogeneous and one might want to specify security policies on an abstract level and let the involved systems enforce them according to their contexts and the specific capabilities of each party.  In  this  paper,  we  propose  a  framework  for  security mechanisms  adaptation  when  services  are  involved  by  using Aspect-Oriented-Programming  (AOP)  concepts  that  can  be applied  to  SCM  applications.  The  novelty  is  the  expressivity of  security  policy  at  a  global  level  and  the  enforcement  at  a local level, through a specific and distributed aspect model that has a larger semantic to catch up events relevant for business usage and dedicated to security concerns.
 

To report this post you need to login first.

Be the first to leave a comment

You must be Logged on to comment or reply to a post.

Leave a Reply