ENHANCING DATA CONFIDENTIALITY IN SUPPLY CHAIN COLLABORATION: A FRAMEWORK FOR PRIVACY-AWARE ACCESS CONTROL

Povzetek

This paper presents the explanation of the privacy-conscious access control model which can be used in promoting data confidentiality within a collaborative supply chain context. With the inter-networking of supply chains, conventional role-based access control schemes cannot effectively prevent leakage and misapplication of data especially in the cross-organizational context. A solution to this was proposed through a dynamic access control architecture which was simulated with the help of Python considering contextual rules that included user role, sensitivity of a resource and time of access. Synthetic population: a set of 1,000 synthetic access logs was created to match realistic interaction in a supply chain. Indicators were measured in terms of key performance indicators including: compliance, false positive, and breach detection rate. The result indicates the high compliance of 93.3 percent and successful detection of attempts at breaches with few hits on false positives. This makes the system to also visualize the data that shows those behaviours that are risky by the role and time. The framework provides an extendable and feasible extension to ERP and SCM systems that will allow preserving privacy without interfering with cooperation.