Security and Communication Networks

Volume 2018, Article ID 3858592, 18 pages

https://doi.org/10.1155/2018/3858592

## A Privacy Preserving Approach to Collaborative Systemic Risk Identification: The Use-Case of Supply Chain Networks

^{1}FIM Research Center, University of Augsburg, Universitaetsstrasse 12, 86159 Augsburg, Germany^{2}FIM Research Center, University of Bayreuth, Wittelsbacherring 10, 95444 Bayreuth, Germany^{3}Project Group Business & Information Systems Engineering of the Fraunhofer FIT, University of Augsburg, 86135 Augsburg, Germany

Correspondence should be addressed to Lars Wederhake; ed.refohnuarf.tif@ekahredew.sral

Received 31 December 2017; Revised 26 April 2018; Accepted 15 May 2018; Published 22 July 2018

Academic Editor: Angel M. Del Rey

Copyright © 2018 Tirazheh Zare-Garizy et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

#### Abstract

Globalization and outsourcing are two main factors which are leading to higher complexity of supply chain networks. Due to the strategic importance of having a sustainable network, it is necessary to have an enhanced supply chain network risk management. In a supply chain network many firms depend directly or indirectly on a specific supplier. In this regard, unknown risks of network’s structure can endanger the whole supply chain network’s robustness. In spite of the importance of risk identification of supply chain network, firms are not willing to exchange the structural information of their network. Firms are concerned about risking their strategic positioning or established connections in the network. The paper proposes to combine secure multiparty computation cryptography methods with risk identification algorithms from social network analysis to address this challenge. The combination enables structural risk identification of supply chain networks without endangering firms’ competitive advantage.

#### 1. Introduction

In March 2000, a thunderstorm in New Mexico caused a 400-million-dollar loss for the telecommunications equipment firm Ericsson. The fire in a semiconductor plant, a single-source key components provider for Ericsson, led to this damage. This loss could have been lower with an appropriate risk management within the supply chain network (SCN) of Ericsson [1].

High complexity of SCNs and steady increase in vulnerability within the SCN are the results of globalization, digitalization, outsourcing, and customer or supplier dependencies [2]. The complex structures of SCNs are vulnerable to systemic risk at all scales. Systemic risk is not just the risk of statistically independent failure, but also the risk of failure cascading within the whole interconnected system [3]. This cascading effect impacts the whole system’s performance and can lead to irrecoverable value disruptions [4, 5]. 54% of firms are either extremely or very concerned about their sustainability performance [6]. Being one of the four emerging issues in global risk [7], it is inevitable to invest in risk management for supply chains. Managers and public policy makers need to identify risks to perform proper risk management and mitigation plans.

Simulation models [8–10], descriptive case studies [11, 12], and development of taxonomies of SCNs [13, 14] are common research results of the scholars on analysis of SCNs. The embedded positioning of firms within the SCN is important for each firm in the network as well as for the network as a whole. Innovation adoption, influence power, or brokering activities of the firms can be derived from their structural positioning in the SCN. Moreover, the structural positioning of the firms can affect the vulnerability or robustness of the SCN [15]. Over the last few decades, the importance of adopting a network perspective in supply chain analysis and management has increased. Recently, the idea of adopting network measures for the investigation of SCNs is opening new potentials to evaluate supply chains [16, 16, 17].

There are several measures to quantitatively characterize the network structure. Each measure can be adopted to capture a specific feature of the network [18]. Betweenness, closeness, and degree centrality are some of the widely used measures in social network analysis [19, 20]. Kim et al. [15] mapped these measures within the SCN and defined their implication for two types of supply networks: material flows and contractual relationships. They identified that firms with higher betweenness centrality (BC) have a higher impact on the product quality, coordination cost, and lead time or can cause unwanted intervene or control among the SCN. These risky firms have a higher contribution to systemic risk. The BC is an indicator for identifying firms with the possibility of influencing information processing, strategic alignments, and perverting risk management within the supply network [15]. Based on Hallikas et al. [21] the risks in a SCN can affect the long-term sustainable competitive advantage of the network. Considering our focus and above-mentioned findings, we assume the BC to be an appropriate measure to identify risky firms in the SCN.

One of the main challenges in studying supply chain risks is the scarcity of real life data on SCNs [15, 22]. The fear of risking competitors’ advantage by information sharing hinders firms’ collaboration within the SCN. To calculate the BC, either based on definition [18, 19], or by means of widely used algorithms such as Brandes’ [23], having information about the network’s structure is necessary. This structural information contains data on the network’s firms and their possible connectivity to other firms. However, the strategic importance of the firms’ position and connections within the network [24] dissuades firms from sharing this information. In this case, the application of secure multiparty computation (SMC) cryptographic algorithms [25, 26] would be one of the solutions to facilitate information sharing willingness within the network. SMC algorithms are based on simultaneous exchanges of encrypted data among parties. The result is calculated from the encrypted data and is shared among all firms (parties) in the network. The algorithm prevents leakage of key information between the firms.

Summarizing, we find considerable support for the importance of risk analysis in SCNs and the adequacy of the BC to identify the bottlenecks in SCNs. Literature, however, also backs that firms are reluctant to share information on their position in the network. Having this as a starting point, the main focus of this paper is to introduce an artifact, based on the design science paradigm, for privacy preserving calculation of the BC of a given SCN. This paper is an extended version of our prior research [27, 28] and includes detailed information on the developed artifact, the pseudocode of the artifact, and a detailed description and explanation of the pseudocode. Our artifact consists of four main methods that are calculating the desired result. The main contributions of our paper are as follows:(i)Identification of risks: in the first step of risk management, it is necessary to develop models and methods for risk identification in SCNs. In a small SCN, firms are more likely to keep the overview of the SCN topology and the firms in the network. Consequently, in such cases risks are relatively transparent and privacy might not be the main subject of interest. Our concern is the risk identification in large SCNs consisting of hundreds of interconnected firms. In a large SCN, on the one hand, the identification of unknown risks is important and on the other hand the privacy of members should be maintained. For an increasing size of the SCN and the interrelationships among the firms, the network becomes more complex [29, 30]. Due to the higher complexity the probability of unseen risks and the necessity of proper risk analysis increase. In the artifact proposed, we study the economic dependency (e.g., material or financial flow) between firms by means of BC calculation for the identification of risky firms in SCNs. We thereby assume that our artifact could be a module of standard ERP systems that use existing communication links to suppliers and customers. An alternative implementation could use existing blockchain technology.(ii)Preservation of privacy: one of the main concerns of firms in a SCN is their strategic position in the network, so they avoid risking their competitive advantage in order to identify their own risks. Our artifact keeps the network’s structure mostly unknown to the firms within the network. The artifact prevents data leakage or reconstruction of information to ensure the firms’ willingness for information sharing. In order to meet this objective, we base our approach on SMC algorithms in a semihonest environment as outlined in the latter. Our modeling focus is on providing a privacy preserving artifact, whereas we omit the analysis and improvement of computational complexity.

Considering the guidelines by Hevner et al. [31] and Gregor and Hevner [32] for the conduction of design science research, the remainder of this papers is organized as follows: the first section covers a brief review on essential literature. It also includes specifying the problem’s context and the relevance of the problem for SCNs. Subsequently, we discuss the modeling procedure and requirements that must be met for solving the problem. The fourth section illustrates the developed artifact. The section is followed by the evaluation of the artifact by means of testing and descriptive methods. The paper ends with a summary and an outlook on further research.

#### 2. Literature Review

##### 2.1. Supply Chain Networks

“Supply chains are interlinked networks of suppliers, manufacturers, distributors, and customers that provide a product or service to customers” [33]. Current trends, like e-commerce, e-logistics, and e-business, increase the complexity of supply chains. Furthermore, the importance of staying competitive in the market gives supply chain management a higher importance [34]. The SCN in a global economy consists of a large number of interdependent networks. This interdependency is very susceptible to external effects and defaults [35]. The risk type in SCNs can be specific disruption, general disruption, cost shock (e.g., exchange rates), product safety, commoditization, and shift in tastes [30]. Weather, terrorism, firms manufacturing failures, or financial crises can cause a default in the supply chain [36]. Risks in SCNs can lead to various types of losses such as financial loss, performance loss, physical loss, psychological loss, social loss, and time loss [37]. Since the disruptions in SCN in extreme cases may lead to the bankruptcy of the SCN’s firms, it is important for the firms to manage these risks and minimize the possible losses. A study by Gyorey et al. [38] states that 67% of firms are not ready for geopolitical instability challenges. In the management of SCNs, one of the main tasks is risk management. The risk management process consists of risk identification and assessment, decision and implementation of risk management actions, and risk monitoring [21]. Bellamy and Basole [39] classified the themes in SCNs analysis as system architecture (network structure), system behavior, and system policy and control. Among these categories, system architecture analysis methods focus on structural investigation of SCNs, relationship of firms, and the importance of the relationship. Considering social networks, structural investigations based on network analysis methods are well established. In the field of SCNs they are relatively new but evolving [15, 17, 40]. These methods focus on network components’ connections and patterns and implication of these connections for the whole network [18, 20]. Among various measures on structural analysis of SCN, as it has been mentioned earlier, the BC can be a suitable indicator to identify the structural risks of a SCN [15] and it is our choice in this paper.

##### 2.2. Privacy Concerns in Supply Chain Networks

On the one hand, knowing the structure of a network is a prerequisite of calculating the BC (as outlined earlier) and on the other hand in a SCN, the competitive advantage of network firms is relying on the privacy of their contacts and network relations they have [35]. Solutions to these data privacy concerns of firms can be as follows:(i)A trusted third party: if the firms trust a third party, it is easy to solve the problem by sharing their information with this trusted third party and letting it calculate the results. For instance, Brandes’ algorithm for the BC [23] works based on the idea of having a third party who collects the information and calculates the indices and returns the result. In practice, such a party that all network’s firms trust might be difficult to find and firms might have concerns about this third party revealing the information.(ii)SMC algorithms: these cryptography algorithms enable different firms in the network to share their information privately and calculate the result jointly. The main advantage of these algorithms is that the individual’s input stays mostly private.

SMC first was addressed by Yao [41]. Yao’s algorithm is answering the question of SMC for two parties. This algorithm is a solution to the millionaires’ problem. The problem is that two millionaires want to know which of them is richer but they do not want to share the real amount of their wealth. Yao’s [41] algorithm provides a solution that lets them privately encrypt their input, share it, and jointly calculate the result. The main advantage is that their input stays private. SMC algorithms today enable us to do secure addition, multiplication, and comparison [25, 42–44].

SMC algorithms are used in various fields of science. For instance, they are used for secure auctions [45]. They are also used for sharing financial risk exposures [46] with the focus on necessity of process and methods secrecy in financial industry. SMC algorithms are also applied for sustainable benchmarking in clouds without disclosing the individual’s confidential information [47].

“SecureSCM”, secure collaborative supply chain management, the European research project [48], is an example of the application of SMC algorithms in the field of SCNs. The project enabled privacy preserving online collaboration among various firms in a SCN. The focus was on providing the possibility of better reaction on possible capacity concerns or short notices. The collaboration of the firms with the application of SMC algorithms results in better production planning in the SCN. However, they did not study SCN’s risks and focused on cost minimization.

In this paper, SMC algorithms are our choice for the privacy preserving calculation of the result. To apply these algorithms, we develop an artifact that enables calculation of the result based on private shares of the firms. SMC algorithms have a high acceptance and are widely used in the field of cryptography since the 1980s [45, 49–52] as their security has been addressed comprehensively, as well.

##### 2.3. Network Centrality Measures

To calculate the BC, we model the SCN as a graph . Each firm in the SCN is represented by a vertex . An economic dependency (e.g., material or financial flow) between firms is represented by an edge between these firms. In this case, we name and adjacent or neighbors. Since an economic dependency is undirected, in this paper graphs are undirected. Moreover, the graphs are connected, as connected firms are forming a SCN. The BC is a centrality index based on the number of shortest paths and the frequency in which a vertex is appearing on shortest paths between two other vertices. A shortest path is a path between two vertices such that the sum of the weights of its constituent edges is minimized (as outlined in Section 3). The BC describes how other vertices potentially can influence the interaction between two nonneighboring vertices [18, 20]. The BC for vertex is calculated as follows [18]:In (1), is the number of shortest paths between source vertex and target vertex , which pass through vertex , and is the number of shortest paths between source vertex and target vertex .

The main aspect of the BC algorithms [23, 53, 54] is finding the shortest paths. Based on categorization of Cormen et al. [55] on shortest paths algorithms, we classify existing BC algorithms as follows:(i)Algorithms based on single-source shortest paths: Brandes’ algorithm [23] is a widely used one among them. Brandes [23] applies single-source shortest paths algorithms (breadth-first [56]) search for unweighted and Dijkstra’s algorithm for weighted graphs [55, 57] to calculate the BC.(ii)Algorithms based on all-pairs shortest paths: the method developed by [58] adopted modification of algorithms like the Floyd-Warshall [55, 59, 60] to enable parallelism and space-efficiency in calculation of the BC.

Both categories of algorithms need the network topology as input and a stack to store information. For privacy concerns we strive to avoid a central stack for information. Having a central stack implies that there is a central player who owns this stack. This player can infer information, from the communication of the players via this stack or from the large amounts of available data (although the information is encrypted) in the stack. This can be a risk for privacy concerns of the firms in the SCN.

In this paper, inspired by the Floyd-Warshall [55, 59, 60] algorithm as well as backtracking search [61] to identify shortest paths, we develop an artifact which does not need a central stack, stores information decentrally, and does not need the network’s topology as input.

#### 3. Modeling Procedure, Assumptions, and Requirements

The first part of this section focuses on the modeling procedure and assumptions of our artifact. In this part, before we focus on privacy concerns and information that each firm has, we define the general terms and construct of our artifact. The second part includes the more specific information on the firm’s privacy preservation and requirements.

We label each firm and its representing vertex with a unique number . The numbers are randomly assigned to each firm and represent the row number for the player in the graph’s weight matrix. The relation between the identity of a firm and its number is only known to the firm itself and to the neighboring firms. From now on, we name a firm and its representing vertex as a “player” when we refer the firm’s row number and not the true identity of the firm.

In the following, we illustrate an exemplary SCN (Figure 1). The SCN is chosen simple to make the visualization easier and the example more comprehensible. The SCN consists of players. Each player is represented by its own unique number. The set of vertices (players) is .