Building trust in virtual organisations

TrustCoM, an IST-funded project, is tackling the very real problem of establishing trust between organisations online, and ensuring the security of digital transactions and electronic business processes.

By employing innovative and well known Service-Oriented Architecture (SOA) open source tools in a generic framework in a distributed environment, the project is addressing the trust, security and contract management issues that have so far hindered the widespread creation of dynamic virtual organisations – the kind of associations between distributed and often very different companies that could fuel a new era of efficient, global business.

“The trouble is convincing companies that the benefits outweigh the costs and calming their concerns about exposing themselves online,” explains TrustCoM coordinator Santi Ristol at Atos Origin in Spain.

The concerns about opening up internal operations and private data are less of an issue between long-established partners who are just automating their existing processes, thereby creating an essentially static virtual organisation. But it becomes a major issue in the case of new or evolving partnerships, or associations that are meant to exist briefly, in some cases for only a single transaction. It is therefore in dynamic virtual organisations where solving the trust issue is paramount and it is here that technology can have the greatest impact on building confidence between partners.

“What we are doing in TrustCoM is developing the technology to build trust into online business transactions,” Ristol notes. “If we can prove to businesses that the technology exists and works then we will be able to overcome some of their concerns.”

The technology has been made possible by the flexibility and adaptability provided by Service-Oriented Architecture (SOA) as a means of software development. With its loose coupling of interoperable services, SOA allows businesses to adapt their IT systems to meet rapidly changing business and partnership needs.

The tools being developed by the project cover the qualification of companies as a means to select suppliers and partners; a system to document and monitor contractual relationships, and establish criteria about what all participants in the business chain should do; and the means to identify partners who fail to fulfil their obligations.

The framework is also designed to be flexible enough to adapt to the virtual organisation being reconfigured with the entry of new members or the exit of old ones. It will also maintain security for participants by ensuring that partners have the ability to share only the processes and data they need, and no more.

“As yet there is no culture of collaboration online,” Ristol argues. “For that culture to develop and for companies to start trusting each other in the digital domain there need to be concrete examples of virtual organisations that work well, produce clear benefits for the participants and are not exposed to undue security risks.”

However, someone must first be a pioneer and take up the challenge, creating what Ristol describes as a “chicken and egg situation.”

TrustCoM’s framework represents an important step toward cracking the problem and its deployment in two trials later this year is expected to provide the proof needed to show that secure, trustworthy online business is possible.

In one of the trials, TrustCoM’s prototype framework and tools will be used by aircraft manufacturer BAE Systems and its parts suppliers to manage and automate supply chain processes. In the other, the technology will be implemented to aggregate internet services for mobile users in the e-learning domain.

“Companies have to rethink their traditional business models if they are to take advantage of the efficiency gains provided by virtual organisations,” Ristol says. “Legal issues also have to be ironed out, especially as most legislation today covers paper contracts not digital ones.”

The coordinator says it is likely that initially the project’s technology partners, among them Microsoft, IBM and SAP, will use components of the TrustCoM framework, rather than the framework as a whole, to enhance their existing tools or even develop new software.

He believes ICT services partners, like BT, are also likely to leverage TrustCoM’s results and the SOA paradigm to offer value-added network services, facilitating the seamless integration of application services across enterprises. To that extent, the experience of pre-competitive research in the context TrustCoM is likely to contribute to the enhancement of BT's 21C network initiative.

All of the tools will be available online, probably on SourceForge.net, under open source licences before the end of this year, Ristol says.

Source: Based on information from TrustCoM