Université de Limoges
The development of collaborative business process relies mostly on software services spanning multiple organizations. Therefore, uncertainty related to the shared assets and risks of Intellectual Property infringement form major concerns and hamper the development of inter-enterprise collaboration. This paper proposes a governance framework to enhance trust and assurance in such collaborative context, coping with the impacts of Cloud infrastructure. First, collaborative security requirements engineering approach analyzes assets sharing relations in business process, to identify risks and uncertainties and, therefore, elicits partners' security requirements and profiles. Then, a 'Due usage' aware policy model supports negotiation between asset provider's requirements and consumer's profiles.