Electronic Business Interoperability: Concepts, Opportunities and Challenges
Book Citation Index

Electronic Business Interoperability: Concepts, Opportunities and Challenges

Ejub Kajan (State University of Novi Pazar, Serbia)
Release Date: March, 2011|Copyright: © 2011 |Pages: 778
DOI: 10.4018/978-1-60960-485-1
ISBN13: 9781609604851|ISBN10: 1609604857|EISBN13: 9781609604868
  • Free shipping on orders $395+
  • Printed-On-Demand (POD)
  • Usually ships one day from order
  • 20% discount on 5+ titles*
(Multi-User License)
  • Multi-user license (no added fee)
  • Immediate access after purchase
  • No DRM
  • ePub with PDF download
  • 20% discount on 5+ titles*
Hardcover +
(Multi-User License)
  • Free shipping on orders $395+
  • Printed-On-Demand (POD)
  • Usually ships one day from order
  • Multi-user license (no added fee)
  • Immediate access after purchase
  • No DRM
  • ePub with PDF download
  • 20% discount on 5+ titles*
(Individual Chapters)
  • Purchase individual chapters from this book
  • Immediate PDF download after purchase or access through your personal library
  • 20% discount on 5+ titles*
Description & Coverage

Interoperability is a topic of considerable interest for business entities, as the exchange and use of data is important to their success and sustainability.

Electronic Business Interoperability: Concepts, Opportunities and Challenges analyzes obstacles, provides critical assessment of existing approaches, and reviews recent research efforts to overcome interoperability problems in electronic business. It serves as a source of knowledge for researchers, educators, students, and industry practitioners to share and exchange their most current research findings, ideas, practices, challenges, and opportunities concerning electronic business interoperability.


The many academic areas covered in this publication include, but are not limited to:

  • Business artifacts for e-business interoperability
  • Data mappings between heterogeneous XML schemas
  • E-commerce business processes
  • ebXML-based electronic business interoperability framework
  • Interoperability approaches and tools
  • Ontology engineering tools
  • Planning-driven service composition
  • Process mediation
  • Semantic interoperability enablement in e-business modeling
  • Semantic technologies and e-business
Reviews and Testimonials

Altogether, this book gives an interesting overview of recent findings in many relevant areas of research, development, and standardization in electronic business interoperability. Considering the range and depth of the chapters, written by experts, yet highly readable to non-experts, this book is an important and much needed contribution for a wider audience ranging from researchers and those in undergraduate education to professionals who are involved in design and development of interoperable e-business applications and solutions. Moreover, it can inspire the whole e-business community to come up with entirely new ideas in this fascinating research and development area.

– Prof. Dr. Dragan Stojanovic
Table of Contents
Search this Book:
Editor Biographies
Ejub Kajan teaches at the State University of Novi Pazar and at the Faculty of Electronic Engineering in Niš, Serbia. He holds a PhD and MSc in Computer Science from University of Niš, Serbia, and diploma degree in Electronic Engineering from University of Split, Croatia. His current research focuses on e-commerce in general, e-commerce architectures, semantic interoperability, computer networks, and open systems. He has authored over seventy papers, four research books, three chapters in edited books, and four textbooks. He has published in various outlets, including CACM, JGITM, IGI Global books, ACM SIGEcom Exchanges, International Review on Computers and Software, Automatika, etc. He is a Senior Member of the ACM, and a member of IEEE, IADIS, and ISOC. Dr. Kajan is involved in a series of international conferences as a program committee member including, but not limited to prestigious DEXA, WSKS, and IADIS conferences. He also serves on the editorial boards of International Journal of Distributed Systems and Technologies (IJDST) and Journal of Information, Information Technology and Organization (JIITO). In the past, he worked as a software engineer and general manager in the computer industry.
Editorial Review Board
  • Dr. Nik Bessis, University of Bedfordshire, UK
  • Dr. Athman Bouguettaya, CSIRO, Australia
  • Dr. Dickson K.W. Chiu, Dickson Computer Systems, Hong Kong
  • Dr. Slobodanka Djordjevic-Kajan, University of Niš, Serbia
  • Dr. Ricardo Gonçalves, Uninova University, Portugal
  • Dr. Pedro Isaías, Portugese Open University, Portugal
  • Dr. Borislav Jošanov, Novi Sad Business School, Serbia
  • Dr. In Lee, Western Illinois University, Chicago, US
  • Dr. Hanan Lutfiyya, University of Western Ontario, Canada
  • Dr. Zakaria Maamar, Zayed University, UAE
  • Dr. Antonija Mitrovic, University of Canterbury, New Zealand
  • Dr. Florian Rosenberg, CSIRO, Australia
  • Dr. Yazhe Tang, Xi'an Jiaotong University, China
  • Dr. Vladimir Tošic, NICTA, Australia
  • Dr. Liming Zhu, NICTA, Australia
Peer Review Process
The peer review process is the driving force behind all IGI Global books and journals. All IGI Global reviewers maintain the highest ethical standards and each manuscript undergoes a rigorous double-blind peer review process, which is backed by our full membership to the Committee on Publication Ethics (COPE). Learn More >
Ethics & Malpractice
IGI Global book and journal editors and authors are provided written guidelines and checklists that must be followed to maintain the high value that IGI Global places on the work it publishes. As a full member of the Committee on Publication Ethics (COPE), all editors, authors and reviewers must adhere to specific ethical and quality standards, which includes IGI Global’s full ethics and malpractice guidelines and editorial policies. These apply to all books, journals, chapters, and articles submitted and accepted for publication. To review our full policies, conflict of interest statement, and post-publication corrections, view IGI Global’s Full Ethics and Malpractice Statement.


Recently, the new expansion of EC (Electronic Commerce) is taking place, especially in the form of B2B (Business-to-Business). The main goal of B2B is to provide business entities with the ability to establish business relationships in such a manner that their public business processes may interact with each other, exchanging their data. In a business scenario, business entities are usually loosely coupled; that means business processes require ad hoc integration from time to time. Such integration on demand may cause many conflicts. Problems arise due to the huge heterogeneity between business processes and data involved, which are both different by nature on the one side, and on the other side, between underlying IT technologies, which are different by default (Kajan & Stoimenov, 2005).

Interoperability, in general, may be defined as “the ability of two or more systems or components to exchange information and to use the information that has been exchanged” (IEEE, 1990). Much effort has been devoted to overcoming interoperability problems of any kind, but they have not reached their promise yet. Instead of unlimited interoperability inside and between business entities, the result was too many mutually incompatible “standards” that formed isolated areas of e-business seeking for new investments over and over again. 

The problems arise due to many conflicts that may appear between two business entities (an enterprise or actually a part of e-business process) when they are trying to establish and perform a business relationship (Kajan, 2010). These conflicts appear in business data as well as in business processes. The problem was recognized many years ago (Kim & Seo, 1991; Sheth & Kashyap, 1992), originating from different representation and interpretation of the same and similar data, differences in logical structure, naming conflicts, different concepts used for same real objects, schema isomorphism conflicts, et cetera. The existence of different business documents, product and service catalogs, and classification schema provide additional interoperability barriers. In depth analysis of these is available (Ng, et al., 2000; Hepp, 2006, Kabak & Dogac, 2010).

Non-standardized business terminology, lack of common acceptable and understandable grammar and lack of common dialog rules result in incompatible business protocols. Such a situation naturally made an ideal initial assumption that many incompatible e-business frameworks could be defined, developed and implemented. Thus, that is what actually happened (Medjahed et al, 2003). In one study (Bedini et al, 2010), thirty-seven B2B standards are listed and compared. In an ideal situation that implies that a real worldwide enterprise may be faced up with a fact that the buzzword “no paperwork anymore” may cost of the development and/or purchase of thirty-six different translators or mediators. Who is going to pay that price? In real situation, different versions of the same standard make the things more difficult. Is there a visible exit or we are going to closed loop again and again?

Recent research efforts look very promising. They are concentrating on two big goals: to provide middleware technologies and frameworks which are capable to act as self-acting dynamic artifacts at the time of invocation, and to provide necessary semantic understanding between peers of any kind. Key flywheels are widely recognized in Service Oriented Architectures (Yu, et al, 2008) and Semantic Web (Berners-Lee, et al, 2001; Ding et al, 2002). Despite well-defined goals and recent results, the entire project is still under development.

At the same time, the problem of security of such potentially very open platforms has raised. The security requirements for B2B transactions are very rigorous. Nugent & Raisinghani. (2002) identified seven key parameters that influence EC security. These include attack analysis, access control, authentication, data confidentiality, data integrity, non repudiation, and system reliability and availability. There is a need to protect business data before, after, and during the transactions on the transmission line. Many times, the business process occurs between two partners who have no trust in each other or there is a third party in a transaction (Hofmman et al. 2006; Paton & Jøsang, 2004). The big issue here is how to protect data and business in a wide-open, knowledgeable, machine-readable environment, where many cooperative processes are taking place with no human intervention?

Let us finish this discussion with a vision of Tim Berners-Lee given in the foreword of the book about Semantic Web (Fensel et al., 2003): “Now we can imagine the world of people with active machines forming part of the infrastructure. We have only to express a request for bids, or make a bid, and machines will turn a small profit matching the two.”

This book aims to analyze and overview main obstacles, to give critical assessment of existing approaches, and to show recent research efforts in order to overcome interoperability problems in electronic business. It serves as a source of knowledge for researchers, educators, students, and industry practitioners to share and exchange their most current research findings, ideas, practices, challenges, and opportunities concerning electronic business interoperability. The seventy-one authors from fifteen countries and forty different research organizations give an excellent overview on what is going on enterprise interoperability today. Among others, several top high European projects are discussed either in details (e.g. BRAIN, CoSpaces, INTEROP NoE, Janus, MODI, Neptune, etc.) or by discussion of related work (e.g. COIN, etc.). The Americans are also presenting some real-world oriented approaches and solutions such are MOSS and Combine. The Chinese contribution came from Wuhan University and it is about the SKLSE-ebIOT, the interoperability framework and testing platform. Noteworthy is a novel view to electronic business interoperability based on business artifacts, which is proposed by three scientists dispersed across the world.

The target audience of this book is composed of researchers, teachers, undergraduate and PhD students in various e-business programs. From the research point of view, the analysis of the interoperability problems given in all chapters, the many original results shown, the background and reference sections, and more are all valuable sources. From the educational point of view, the overviews of problems and enabling technologies and many definitions of key terms present a good teaching and learning material at one place. The twenty-six chapters of the book are grouped into seven parts, which are briefly highlighted below.


This section sets up the discussion about interoperability issues in electronic business, the first three chapters addressing different barriers that affect it, whilst the forth chapter focuses on the architectural elements for building interoperable platforms. These issues are also discussed in other sections. From that point of view, chapter 19 pays special attention to the heterogeneity of business documents, and chapter 5 compares top-down and bottom-up approaches to process interoperability.

This section includes four chapters. Chapter 1, “E-Business Interoperability: A Systematization Attempt Using the Morphology Concept,” attempts to systemize electronic business interoperability in a holistic way, and from an interdisciplinary point of view, paying attention to many facets of it. These facets are usually hidden by everyday interoperability problems laid on technical difficulties to achieve desired interoperability level. Finding the right strategy as well as using the right instruments for establishing interoperability is still a huge challenge upon which this chapter is attempting to elaborate. In that sense, a morphological box is elaborated in order to characterize interoperability aspects in electronic business, that may be further used either for comparison of interoperability aspects of particular project, or as a guide for defining a successful strategy. The whole systematization is clearly explained by three tables.

Chapter 2, “Business Artifacts for E-Business Interoperability,” discusses some key issues related to smooth enterprise interoperability. Based on three well-known bottlenecks that raise interoperability problems: data heterogeneity, lack of common business vocabulary and grammar, and policy incompatibility, this chapter introduces a higher-level approach for solving interoperability between enterprises. It proposes an artifact-centric solution that is able to deal with dynamic market conditions allowing such a level of abstraction that is meaningful for enterprise management. Badr, Narendra and Maamar define three layers of interoperability: strategic, service, and resource. Several interaction patterns are described in detail showing how enterprises are able to interact with each other by exchanging artifacts. Eleven figures support the textual contents illustrating, among others, artifacts exchanges and collaboration, artifacts and ECA rules, and a prototype snapshot.

Chapter 3, “A Semantic Similarity Analysis for Data Mappings between Heterogeneous XML Schemas,” deals with heterogeneity of data in electronic business. In this chapter, Kim and Peng investigate the existing schema mapping approaches and propose an innovative semantic similarity analysis approach to facilitate XML schema mapping, merging, and reuse. The proposed approach for XML schema mapping is based on a 3-tier solution comprising layered structure analysis, layer specific semantic similarity measures, and efficient computation of mappings via distributed computing. Two prototype systems are used in order to evaluate the proposed approach and give an overview of the encouraging results.

Finally, Chapter 4, “Putting Interoperability on the map: Towards a framework of interoperability approaches and tools,” gives an overview of the constraints and the principles that affect architecture design, and the research efforts focusing on interoperability infrastructures. In addition to many research efforts in this area, special attention and an overview of relevant European FP6 and FP7 projects has given in terms of proposed architecture components and tools that can enable, support, and maintain interoperability in heterogeneous and dynamic environments. Eliakis and colleagues address future research on validating the proposed set of architecture tools, as well as the order in which they should be developed, depending on their role in interoperability achievement.


This section is completely devoted to business processes, especially in the sense of their interoperability, verification and validation. It consists of three chapters, as follows:

Chapter 5, “Process Mediation: Requirements, Experiences and Challenges,” addresses the problem of interoperability of heterogeneous business processes consisting of semantically annotated Web services. A semi-automated solution, called process mediation, that analyzes the potentially incompatible process models of service requesters and service providers, is discussed. The chapter covers techniques for automated detecting and resolution of incompatibilities, service discovery in the process mediation context, techniques for monitoring, and techniques for fault handling and recovery. Lessons learned and an outlook for future research directions are also given. This chapter also contributes to interoperability issues in section one, making an overview and comparison between top-down and bottom-up approach to process interoperability.

Chapter 6, “Verification of e-Commerce Business Processes,” deals with verification concepts for large-scale e-commerce systems, or actually, their business processes. As an example, Intershop Enfinity is considered. The current practice is to test and check systems manually, but that is a time-consuming and costly process. For automatic verification and validation, Feja and colleagues used EPC (Event Process Chains) diagrams and the graphical formal notation based on CTL (Computational Tree Logic). A proposed framework provides guidance for how the model types with different level of abstraction may be checked and allows for the creation of repositories for a large number of rules. Finally, the further challenges for a proposed validation framework are addressed. 

The second section ends with Chapter 7, “Validating Component-based Implementations of Business Processes.” This chapter exhibits a discrepancy between the problem statement of grounding and refining business processes on component architectures, and the chosen technique for verifying a correct grounding/refinement. The specification is based on the Petri nets theory and the detection and analysis of deadlocks. Diagrams comparing validation times needed for arbitrary versus refined scenarios support the given theoretical approach. Finally, authors gave a feasibility of future extension of the approach including further constructs of process model and improved error explanation.


The focus of this section is SOA, the e-business key enabling technology paradigm, as emphasized earlier in this preface. 

In chapter 8, “eBusiness Interoperability and Collaboration,” Kipp and Schubert present an approach towards a “real” SOA paradigm that should allow cross-enterprise data exchange and cooperation between distributed business workflows. The given approach is based on a dynamic gateway structure that acts as virtual endpoint able to encapsulate complex business processes on behalf of the provider. At the same time, such a gateway can hide its infrastructure meeting requirements of maximum deployment flexibility and minimal impact as well. Multiple collaborations are also possible without reconfiguration of the underlying infrastructure. Seven tables are used to summarize the features and evaluation criteria for a given approach. Finally, the security features of such approaches are also discussed in detail, and in that sense, this chapter gives a special contribution to security issues of this book. The presented results partially show achievements of two European projects: CoSpaces and BRAIN.

Chapter 9, “Requirements Metadata Driven Dynamic Configuration of Business Processes,” by Spies and Taleb-Bendiab, introduces a model-driven approach to a runtime adaptable, requirements driven services management system. A theoretical framework named Neptune is presented, building on intention models that are transformed in several steps to dynamic business processes complying with the Web services paradigm and the business process execution language for Web services. These services can be reconfigured at runtime by autonomic behaviours of the management system in line with the intention model. The detailed case study, based on PetShop enterprise application blueprint, showed how Neptune could be used to develop a fault-tolerant SOA, theoretically achieving self-sustainable behaviors.

Vukovic and Robinson end this section by Chapter 10, “Planning-driven Service Composition.” It presents how automated service composition can be considered as a planning problem. An overview of existing work in planning-based service composition and the main research challenges that need to be tackled by novel service composition frameworks is given. These include automated construction of explicit representations of user task goals, adaptation, and composition and execution failure tolerance. Finally, the chapter discusses future research directions in planning-based service composition.


This section is devoted to semantic technologies in electronic business, another key enabling technology stack, as mentioned earlier. Four chapters cover a number of semantic technologies and guidelines for how these technologies may apply to electronic business frameworks and solutions. In particular, automatic ontology derivation from XML Schemas, ontology matching, ontology engineering, and representation of conceptual knowledge are covered in depth.

In the leading Chapter 11, “Semantic Technologies and E-Business,” Bedini, Nguyen and Gardarin study what semantic technologies can bring to the e-business domain and how they can be applied to electronic business. An overview of the goals to be achieved by e-business applications and a large table-supported panel of existing e-business standards with their current modus operandi is also presented. Special attention is given to Janus system, a prototype for automatic ontology derivation from XML Schemas. Janus system is based on SDMO (Semantic Data Model for Ontology) standard and permits automatic conceptual knowledge retrieval from large corpus XML sources. The whole chapter, its concepts, and methodology are well-covered by nineteen figures and tables and listings. The rich and up to date references and additional reading sections give the reader a complete view of semantic technologies in electronic business.

Chapter 12, “Context-Sensitive Ontology Matching in Electronic Business,” by Huang and Dang, introduces an innovative algorithm, Context-Sensitive Matching, intended for reconciliation of heterogeneous ontologies. The algorithm is based on contextual information, an artificial neural network dedicated to learning weights for different semantic aspects, and an agglomerative clustering algorithm for final matching results generation. The methodology was evaluated on real world ontologies, followed by in-depth analysis of the experimental results. 

Chapter 13, “Approaches for evaluating the conformance and interoperability of ontology engineering tools,” presents two characteristics of ontology engineering tools that have a high relevance for the application of these tools, namely, their conformance and interoperability. It also discusses two methods for evaluating the conformance and interoperability of ontology engineering tools and the test data that can be used in such evaluations. These evaluations are intended to be automated and reusable. Different metadata have also be defined that could be used in their automation. Garcia-Castro and Gómez-Perez argue that the evaluation techniques and test data given in this chapter could be used to evaluate the conformance and interoperability of other semantic technologies and complex Information Systems.

The section ends with Chapter 14, “Semantic Interoperability Enablement in E-Business Modeling,” which presents an approach to using ontologies in order to achieve semantic interoperability of conceptual models that describe e-business. The large background section provides a detailed overview of models for describing data, processes and organizations, and modeling languages, as well, concluding that there are no propositions for solutions for how to semantically coordinate business knowledge contained in models of different kinds and types for integrating the semantics of the modeling and the domain language together. This chapter introduces a new bottom-up approach for reengineering semi-structured and structured resources into ontologies for obtaining machine-processable semantic descriptions. The automatically produced results provide an ontology basis without initial manual labor-intensive preparation and creation efforts. As an example for semantic model integration, the MODI (Model Integration) Framework developed and presented here as an application of proposed method for integrating models.


Section V consists of three chapters that focus on specific e-business solutions based on semantic technologies. These cover e-recruitment, the supply chain in automotive industry, and the industrial sector in general. 

Chapter 15, “Conception of an Ontology-Based E-Recruitment Application That Integrates Social Web,” presents the elaboration of an ontology-based application called Combine. Its aims are to optimize and enhance e-recruitment processes in the domain of Information Technologies’ staffing services, and especially e-recruitment processes that use Social Web platforms as a means of sourcing candidates. The motivation, requirements analysis, and prototype evaluation of Combine are described. Theories of computer-mediated communication and human-computer interaction are used in order to emphasize the potential return of investments of the semantic-supported e-recruitment. Seventeen figures, consisting of diagrams and screenshots, support the text well. A part of the background is dedicated to emerging Web x.o technologies, and from that point of view, the chapter also contributes to section four of this book.

Chapter 16, “Trade Collaboration Systems,” by Denno, describes a trade collaboration system (TCS) for coordinating the work of supply chain stakeholders involved in the business processes of global logistics. The AIAG (Automotive Industry Action Group) MOSS project, in collaboration with NIST, developed an enabling framework for the development of Trade Collaboration Systems. The framework provides a method for life-cycle integrated information exchange, grounded in a conceptual model of the domain. The success of the MOSS pilot exercise suggests that the benefits, costs, and risks associated with deployment are favorable.

Finally, in Chapter 17, “The Semantic Web as a Catalyst for Enterprise/Industrial Interoperability,” Kalogeras and colleagues discuss the possibilities of Semantic Web achieving the full interoperability of industrial systems. Focusing on Semantic Web Services, they emphasize the combination of services and their semantic support as key elements to build novel interoperability architectures across the enterprise and between enterprises. The authors also provide a vision of a future Internet that will be able support all kinds of digital entities, such as devices, things, knowledge, services, et cetera, and people that will provide a universal infrastructure for the exchange and management of heterogeneous knowledge.


This section covers five e-business frameworks. They cover plenty of challenges, technologies, techniques, and strategies involved in the development and implementation of electronic business frameworks. Special contribution to the focus of this section comes from Chapter 11 by a comprehensive overview of existing electronic business frameworks.

In chapter 18, “ebXML-based Electronic Business Interoperability Framework and Test Platform,” Liang and his colleagues focus on how to address the interoperability issues in ebXML-based solutions, and how to achieve the interoperability assurance through testing in a cost-effective way. This chapter proposes a two-part solution to address these issues: an interoperability framework for ebXML-based e-business solutions, and a platform for automatic interoperability test. Although the proposed interoperability framework and methods are demonstrated with ebXML examples, it is generally applicable to other e-business specifications. The authors conclude that for the general interoperability framework, it has to be adapted and customized into an existing e-business specification before it is put into practice. 

Chapter 19, “An Ontology-based Framework to Semantically Describe XML-based Business Documents,” presents a framework for supporting the representation of the semantics of the XML-based electronic business documents that are interchanged between trading partners for managing a decentralized collaborative relationship. Such a relationship allows trading partners to keep their privacy and security at the same time to manage simultaneous relations with different partners with no conflict situations. The proposed framework defines a strategy based on ontology and context, avoiding definition of global meaning. The framework description is supported by a running application example. Special contribution to the book content is given by an overview of electronic business documents whose number, structure, languages, usage, and purpose make business data heterogeneous, and raise interoperability problems. 

Chapter 20, “Business Document Exchange between Small Companies,” presents a pragmatic organisational and technical approach specifically conceived to overcome the interoperability needs of small companies belonging to a business ecosystem. This solution has been introduced, studied, prototyped, and validated by the authors in the frame of recent or running EU funded projects, some of which are overviewed in the chapter, with special attention to business ecosystems in the building, textile, service, and ICT sectors. Bonfatti and colleagues emphasize that the interoperability problems of small companies are even more complex than those usually studied. The analysis of these problems and the ways to solve them are special contributions to electronic business interoperability issues of general interest. Special attention is paid to show how to define minimal reference ontology, use it for annotating the data fields in legacy systems, and map it onto existing standards in order to remove the cultural and technical obstacles for small companies to join the global electronic market.

Chapter 21, “Towards Interoperability in the Building of Next Generation of Collaborative Working Environments,” deals with the most relevant problems that current collaborative working environments (CWE) present and with the requirements for the next generation of CWEs. These requirements are discussed and analyzed in the context of SOA and semantic technologies. Special attention is given to the ability of the latter for fulfilling these requirements, resulting with proposed reference architecture (named as Ecospace) for the next generation of CWEs. In order to prove the concept, Martinez-Carreras and her colleagues present several applications that have been developed under the umbrella of Ecospace. The chapter also provides an extensive overview of SOA and semantic technologies, supported by a rich reference section, and from that point of view, it contributes to sections three and four, as well. 

Zacharewicz, Chen, and Vallespir wrote Chapter 22, “HLA Supported, Federation Oriented Enterprise Interoperability.” In this chapter, they present some future trends given in the final deliverable of the INTEROP Network of Excellence project that prospects ways to support federation oriented enterprise interoperability. The analysis of interoperability problems focuses on ongoing research for solutions based on the High Level Architecture (HLA) at the technological level. After HLA, MDA (Model Driven Architecture) and emerging MDI (Model Driven Interoperability) methodology are described in order to merge these three and in such a way to rationalize the development lifecycle of distributed enterprise models. As many others, this chapter also contributes to the interoperability issues section defining three main interoperability barriers: conceptual, technological, and organizational.


Section VII deals with various aspects of e-business. It consists of four chapters, which concentrate on convergence and management on information security, XML Signature attacks and identity management. These chapters are:

Chapter 23, “Convergence of Information Security in B2B Networks,” by Harnesk, contributes to the book seeking to articulate the socio-technical dependencies that comprise information security. It creates a concept for the convergence of information security in the context of B2B networks. The shift from information security safeguards to information security observers is presented in depth. The Actor Network Theory and the Process Theory were adopted in order to demonstrate how and by which elements it is possible to constitute the devised process of converging information security. This constitution process discussed towards definition, integration, the security evaluation, and the ability of the observer to operate in a B2B environment.

Chapter 24, “E-Business and Information Security Risk Management: Challenges and Potential Solutions,” by Fenz, focuses on information security risk management (ISRM) and shows its importance for e-business. After the brief overview of ISRM, the chapter analyses current problems and presents novel ISRM methods in order to overcome these problems. The proposed solution is based on a Bayesian threat probability determination method that enables organizations to calculate organization-specific threat probabilities based on the knowledge stored in the security ontology. The chapter also identifies future research directions.

Gruschka and his colleagues contribute to this section with Chapter 25, “On Interoperability Failures in WS-Security: The XML Signature Wrapping Attack.” This chapter discusses the XML Signature Wrapping attack, which is one of the most severe attack types in Web Services. It enables an attacker to trigger Web Service operations on behalf of a legitimate user, impersonating that user in full against the Web Service server, even without the legitimate user knowing about the attack being performed. The impact of this attack may vary from simple denial of service and privacy violations to the ability to perform illegal activities on behalf of legitimate user. After a brief explanation of how it works and an overview of relevant literature, the chapter describes a real-world attack incident. It continues with a brief discussion on mitigation and countermeasures, in particular XML Schema validation, XPath-Based Referencing and WS-SecurityPolicy Enforcement. In the concluding section, Grushka and his colleagues express the expectations that future versions of the involved specifications will become more robust to the issue.

The section ends with Chapter 26, “Interoperability in Identity Management,” by Wolf, which analyses the requirements for enabling interoperability between identity management systems. The first part gives an overview of industry and research efforts in this area, including also the challenges of trust in an e-business relationship. The body of the chapter starts with a motivating example representing a real-world scenario from the financial sector. Based on an analysis of two major standards, Wolf proposes a message meta-model that should allow collaboration in identity management among different standards. Finally, a description of the prototype is given.


Berners-Lee, T., Hendler, J. & Lassila, O. (2001). The Semantic Web. Scientific American, 284(5), 34–43.

Bedini, I., Gardarin, G. & Ngyen B. (2010).  Semantic technologies and e-business, in this issue.

Ding, Y., Fensel, D., Klain, M. & Omelayenko, B. (2002). The Semantic Web: Yet another hip? Data & Knowledge Engineering, 41, 205–227.

D. Fensel, J. Hendler, H. Lieberman & W. Wahlster (Eds.). (2003). Spinning the Semantic Web, (p. xxii.). MIT Press.

Hepp, M. (2006). Products and services ontologies: A methodology for Deriving OWL ontologies from industrial categorization standards. International Journal on Semantic Web & Information Systems, 2(1), 72–99.

Hofmman, L.J., Lawson-Jenkins, K. & Blum, J. (2006). Trust beyond security, an expanded trust model. Communications of the ACM, 49(7), 95–101.

IEEE. (1990). IEEE standard dictionary: A compilation of IEEE standard computer glossaries. (p. 114). New York.

Kabak, Y. & Dogac, A. (2010). A survey and analysis of electronic business document standards. ACM Computing Surveys, 42(3), 11.

Kajan, E. & Stoimenov, L. (2005). Toward an ontology-driven architectural framework for B2B. Communications of the ACM, 48(12), 60–66.

Kajan, E., (2010). Interoperability issues of business processes: Key issues and technological drivers. In E-business development and management in the global economy. (pp. 908–917). Hershey, PA: IGI Global.

Kim, W. & Seo, J. (1991). Classifying schematic and data heterogeneity in multidatabase systems. IEEE Computer, 24(12), 12–18.

Medjahed, B., Benetalah, B. Bouguettaya, A., Ngu A.H. & Elmargamid, A.K. (2003). Business-to-business interactions: Issues and enabling technologies. The VLDB Journal, 12, 59–85.

Ng W.K., Yan, G. & Lim, E-P. (2000). Heterogeneous product description in electronic commerce. ACM SIGecom Exchanges, 1(1), 7–13.

Nugent, J.H. & Raisinghani, M.S. (2002). The Information Technology and telecommunications security imperative: Important issues and drivers. Journal of Electronic Commerce Research, 3(1), pp. 1–14.

Patton, M.A. & Jøsang, A. (2004). Technologies for trust in electronic commerce, Electronic Commerce Research, 4, 9–21.

Sheth A.P & Kashyap, V. (1992). So far (schematically), yet so near (semantically). IFIP WG2.6 Database Semantics Conference on Interoperable Database Systems, Lorne, Australia, 1992, 283–312.

Yu, Q., Liu, X., Bouguethaya A. & Medjahed, B. (2008). Deploying and managing Web Services, issues, solutions and directions. The VLDB Journal, 537–572.