Security Consequences of Messaging Hubs in Many-to-Many E-procurement Solutions

摘要

In many-to-many e-procurement solutions, two main business models, and their corresponding information systems topologies, have in recent years competed to gain widespread acceptance. The aim of this paper is to analyse, from a security perspective, the approach that some infomediaries are currently proposing in order to accommodate the business requirement for end-to-end transaction negotiation while retaining the topology and security advantages inherent to the n-to-one and one-to-m (as opposed to n-to-m) approach of the marketplaces: messaging hubs. In this approach, each trading partner communicates to the messaging hub through the most appropriate network solution (Internet, VPN, etc) in order to send purchase orders, shipping schedules and other documents. The messaging hub then translates the data into the desired format and forwards it to the other partner. The proposed model that attempts to explain this trend in terms of the business and network topologies is then applied to other e-procurement trends, such as that towards hosted portals, to test its generality.