Towards a Model to Support the Reconciliation of Security Actions across Enterprises

As an increasing amount of businesses look towards collaborations to gain a strategic advantage in the marketplace, the importance of systems to support these collaborative activities significantly increases. Within this area, arguably one of the most important issues is supporting interaction security. This is both at the initial, higher level of humans from businesses agreeing on joint security needs and the lower level of security technologies (communication protocols, VPNs, and so on). As there has been a substantial amount of work on the latter level, this work-in-progress paper tries to restore some of the balance by considering the problem of supporting companies at the business (and more social/human) level of interactions. We focus particularly on the initial tasks of negotiating and reconciling their high-level security needs. Our specific aim is therefore to explore the design of a model which replicates the human decision-making process with regards to the reconciliation of conflicting security needs at this higher level. The modelling of such a process is a prime area for research in the socio-technical field because it seeks to formalise several social aspects not typically modelled in a technical sense.