ABSTRACT

EPC-based information sharing networks are a global effort to standardize the supply chainwide exchange of operational trace data. Due to the complex nature of supply chains and different information sharing relationships, security is a critical issue. Prior research and end-user feedback suggest that there is currently a limited understanding of how to assess and address security threats that could affect multiple parties. In this chapter, we describe a threat model that can help to compensate this shortcoming. Our model helps to assess current as well as future risks. Our findings suggest that designers, operators, and users of EPC-based information sharing networks should focus on providing accountability as a key aspect of improving collective security.