期刊
INTERNATIONAL JOURNAL OF PRODUCTION RESEARCH
卷 59, 期 11, 页码 3430-3445出版社
TAYLOR & FRANCIS LTD
DOI: 10.1080/00207543.2021.1884311
关键词
Trust; risk management; security; supply chain; technology management; organizational theory
This paper discusses supply chain attacks in the modern supply chain, introduces the application of zero trust concept in the supply chain, and explores the steps for organizations to transition to a zero trust model.
The modern supply chain is characterised by an ill-defined and porous perimeter, allowing entry points for potential adversaries to intercept sensitive information and disrupt operations. Such supply chain attacks are increasing in frequency and their impacts can be costly to an organisation. Trust between supply chain partners is commonly thought to be a risk management tool, where increasing trust results in reduced risk. However, increased trust may actually expose the supply chain to more risk, not less. In this paper, we propose the concept of the zero trust supply chain. Originating in the field of information technology and cybersecurity, a zero trust philosophy assumes that all actors and activity are untrusted. In contrast to perimeter-based security, which attempts to keep adversarial actors out, a zero trust-based security posture assumes that adversaries are already inside the system, and therefore imposes strict access and authentication requirements. In this paper, we map zero trust concepts to the supply chain, and discuss the steps an organisation might take to transition to zero trust. We set forth a research agenda by examining zero trust through the lens of several organisational theories and propose a number of research propositions.
作者
我是这篇论文的作者
点击您的名字以认领此论文并将其添加到您的个人资料中。
推荐
暂无数据