{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2023,11,3]],"date-time":"2023-11-03T11:10:53Z","timestamp":1699009853827},"reference-count":51,"publisher":"EDP Sciences","license":[{"start":{"date-parts":[[2021,5,7]],"date-time":"2021-05-07T00:00:00Z","timestamp":1620345600000},"content-version":"vor","delay-in-days":126,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["ITM Web Conf."],"published-print":{"date-parts":[[2021]]},"abstract":"<jats:p>Service Science can be described through information, that underpins knowledge as enabler of service value chain. Therefore data, as a part of information, is a basic asset of the service market where undertakings constantly face high competition and try to protect such assets from malicious attackers. Information as to be preserved also for regulatory constraints, and traditional organizational models can have limits in doing so. In this paper it is discussed the possibility to manage both data protection and cyber security through an information security integrated management service (ISIMS). In fact, as per other cross-functional knowledge, information security and data privacy compliance can be managed via an integrated approach, as a possible evolution of the common organizational separation between their respective domains, namely Legal and IT. Moreover, this paper identifies major areas of benefits as well as current lack of integrated systems for information safeguard in Service Science.<\/jats:p>","DOI":"10.1051\/itmconf\/20213802005","type":"journal-article","created":{"date-parts":[[2021,5,7]],"date-time":"2021-05-07T08:38:46Z","timestamp":1620376726000},"page":"02005","source":"Crossref","is-referenced-by-count":0,"title":["Safeguarding Information in Service Science with Service Integration"],"prefix":"10.1051","volume":"38","author":[{"given":"Diego","family":"Padovan","sequence":"first","affiliation":[]},{"given":"Javid","family":"Taheri","sequence":"additional","affiliation":[]},{"given":"Fabrizio","family":"d\u2019Amore","sequence":"additional","affiliation":[]}],"member":"250","published-online":{"date-parts":[[2021,5,7]]},"reference":[{"key":"R1","unstructured":"IBM Global CIO Study http:\/\/www-05.ibm.com\/innovation\/it\/ciostudy\/"},{"key":"R2","doi-asserted-by":"crossref","unstructured":"Jaggi S.; Langberg M.; Katti S.; Ho T., Resilient network coding in the presence of Byzantine adversaries, Browse Conference Publications > INFOCOM 2007, 26th IEEE","DOI":"10.1109\/INFCOM.2007.78"},{"issue":"6","key":"R3","doi-asserted-by":"crossref","first-page":"783","DOI":"10.1080\/01411920802041392","volume":"34","author":"Leach","year":"2008","journal-title":"British Educational Research Journal"},{"key":"R4","unstructured":"Hallova Marcela, Polakovic Peter, Silerova Edita, Slovakova Ivana: Data Protection and Security in SMEs under Enterprise Infrastructure. Agris on-line Papers in Economics and Informatics, Volume XI, Number 1, 2019"},{"key":"R5","doi-asserted-by":"crossref","unstructured":"Maglio Paul P. & Spohrer Jim: Fundamentals of Service Science. Academy of Marketing Science, DOI: 10.1007\/s11747-007-0058-9 (2007)","DOI":"10.1007\/s11747-007-0058-9"},{"key":"R6","unstructured":"Salvendy G., Karwowski W., Spohrer J., Maglio P.P.: Service Science: Toward a Smarter Planet. In: Introduction to Service Engineering. John Wiley (2010)"},{"key":"R7","doi-asserted-by":"crossref","first-page":"35","DOI":"10.1145\/1139922.1139945","volume":"49","author":"Chesbrough","year":"2006","journal-title":"Communication of the ACM"},{"key":"R8","doi-asserted-by":"crossref","unstructured":"Spohrer Jim, Maglio Paul P., Bailey John, Gruhl Dan: Steps Toward a Science of Service Systems. IBM Research, DOI: 10.1109\/MC.2007.33 (2007)","DOI":"10.1109\/MC.2007.33"},{"key":"R9","doi-asserted-by":"crossref","first-page":"238","DOI":"10.3401\/poms.1080.0027","volume":"17","author":"Spohrer","year":"2008","journal-title":"Production and Operations Management"},{"key":"R10","unstructured":"Salvendy G., Karwowski W., Spohrer J., Maglio P.P.: Service Science: Toward a Smarter Planet. In: Introduction to Service Engineering. John Wiley (2010)"},{"key":"R11","doi-asserted-by":"crossref","unstructured":"Dragoicea Monica, Borangiu Theodor: A Service Science Knowledge Environment in the Cloud. IFAC Proceedings Volumes, Volume 45, Issue 6, 2012, DOI: 10.3182\/20120523-3-RO-2023.00438 (2012)","DOI":"10.3182\/20120523-3-RO-2023.00438"},{"issue":"1","key":"R12","doi-asserted-by":"crossref","first-page":"20","DOI":"10.1177\/1094670504266131","volume":"7","author":"Lovelock","year":"2004","journal-title":"Journal of Service Research"},{"key":"R13","doi-asserted-by":"crossref","unstructured":"Borangiu T., Dragoicea M., Oltean E., Iacob I. (2013) A Model for Open, On-Demand, Collaborative Education for Service Science. In: Falcao e Cunha J., Snene M., Novoa H. (eds) Exploring Services Science. IESS 2013. Lecture Notes in Business Information Processing, vol 143. Springer, Berlin, Heidelberg. https:\/\/doi.org\/10.1007\/978-3-642-36356-624","DOI":"10.1007\/978-3-642-36356-6_24"},{"issue":"4","key":"R14","doi-asserted-by":"crossref","first-page":"v","DOI":"10.1287\/serv.2017.0195","volume":"9","author":"Borangiu","year":"2017","journal-title":"Service Science"},{"key":"R15","doi-asserted-by":"crossref","unstructured":"Resta B., Gaiardelli P., Cavalieri S., Dotti S. (2016) Designing and configuring the value creation network for sensitization. Borangiu T., Dragoicea M., Novoa H., eds. Exploring Services Science. Lecture Notes in Business Information Processing, Vol. 247 (Springer, Cham, Switzerland), 457\u2013470.","DOI":"10.1007\/978-3-319-32689-4_35"},{"issue":"5","key":"R16","doi-asserted-by":"crossref","first-page":"124","DOI":"10.1145\/1506409.1506439","volume":"52","author":"Galup","year":"2009","journal-title":"Comm. ACM"},{"key":"R17","doi-asserted-by":"crossref","unstructured":"Nonaka I. e Takeuchi H., The Knowledge Creating Company, NY; Oxford University Press, 1995","DOI":"10.1093\/oso\/9780195092691.001.0001"},{"issue":"1","key":"R18","doi-asserted-by":"crossref","first-page":"262","DOI":"10.17512\/pjms.2017.15.1.25","volume":"15","author":"Wielky","year":"2017","journal-title":"Polish Journal of Management Studies"},{"issue":"2","key":"R19","first-page":"125","volume":"7","author":"Jones","year":"2003","journal-title":"Journal of Systems and Information Technology"},{"key":"R20","doi-asserted-by":"crossref","unstructured":"Inukollu V.N., Arsi S., and Ravuri S.R., Security issue Associated with Big data in Cloud Computing, Int. J. of Network Security and its Application, vol. 6, Issue 3, 2014","DOI":"10.5121\/ijnsa.2014.6304"},{"key":"R21","unstructured":"Feltus Christophe: Deriving Information System Security and Privacy From Value Cocreation Theory: Case Study in the Financial Sector. Luxembourg Institute of Science and Technology, Esch-sur-Alzette, LU"},{"key":"R22","doi-asserted-by":"crossref","unstructured":"Yadav Dharminder, Maheshwari Himani, Chandra Umesh: Big Data Hadoop: Security and Privacy. 2nd International Conference on Advanced Computing and Software Engineering (ICACSE-2019)","DOI":"10.2139\/ssrn.3350308"},{"key":"R23","doi-asserted-by":"crossref","unstructured":"Fielden K. (2010): Information Security Framework, 2010 International Conference on Information Society, 25\u201330.","DOI":"10.1109\/i-Society16502.2010.6018758"},{"key":"R24","doi-asserted-by":"crossref","unstructured":"Muneeb-ul-Hasan Siti Hajar Othman, Md Arshad Marina: A Conceptual Framework of Information Security Database Audit and Assessment. International Journal of Innovative Computing 9(1) 7\u201313","DOI":"10.11113\/ijic.v9n1.206"},{"key":"R25","unstructured":"ISO 31000: 2009. Risk management \u2014 Principles and guidelines"},{"key":"R26","unstructured":"ISO\/IEC 27005: 2018. Information technology - Security Techniques - Information Security Risk Management, Switzerland"},{"key":"R27","unstructured":"ISO Guide 73: 2009. Risk Management - Vocabulary."},{"key":"R28","unstructured":"Enterprise Risk Management - Integrated Framework, Committee of Sponsoring Organizations of the Treadway Commission (COSO), September 2004"},{"key":"R29","unstructured":"Guide for Conducting Risk Assessments. Information Security, NIST Special Publication 800-30, Revision 1, September 2012. https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-30\/rev-NIST Special Publication 800-30, Revision 1, September 2012. https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-30\/rev-1\/final, accessed on Jun. 21, 2018."},{"key":"R30","doi-asserted-by":"crossref","unstructured":"Mohyeddin M.A., Gharaee H. (2014). FAHP-TOPSIS risks ranking models in ISMS. Proceedings of the 7th International Symposium on Telecommunications (IST), Tehran, Iran, pp. 879\u2013881. https:\/\/doi.org\/10.1109\/ISTEL.2014.7000827","DOI":"10.1109\/ISTEL.2014.7000827"},{"key":"R31","unstructured":"Principles for the Sound Management of Operational Risk. Bank for International Settlements, June 2011."},{"key":"R32","unstructured":"Von Roessing R. (2010). An Introduction to the Business Model for Information Security. ISACA"},{"key":"R33","unstructured":"Guide for Conducting Risk Assessments. Information Security, NIST Special Publication 800-30, Revision 1, September 2012. https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-30\/rev-NIST Special Publication 800-30, Revision 1, September 2012. https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-30\/rev-1\/final, accessed on Jun. 21, 2018."},{"key":"R34","unstructured":"ISO\/IEC 27001: 2013. Information Technology - Security Techniques - Information Security Management Systems - Requirements, Switzerland, 2013."},{"key":"R35","doi-asserted-by":"crossref","unstructured":"Landoll D.J. (2006). The Security Risk Assessment Handbook, A Complete Guide for Performing Security Risk Assessments. Auerbach Publications, Boca Raton, FL, US","DOI":"10.1201\/9781420031232"},{"key":"R36","unstructured":"Wheeler E. (2011). Security Risk Management: Building an Information Security Risk Management Program from the Ground Up. Elsevier Inc., Waltham, MA, US."},{"issue":"2","key":"R37","doi-asserted-by":"crossref","first-page":"161","DOI":"10.18280\/ijsse.100202","volume":"10","author":"Macek","year":"2020","journal-title":"International Journal of Safety and Security Engineering"},{"issue":"1","key":"R38","doi-asserted-by":"crossref","first-page":"247","DOI":"10.1016\/j.eswa.2011.07.015","volume":"39","author":"Lo","year":"2012","journal-title":"Expert Systems with Applications"},{"issue":"1","key":"R39","first-page":"29","volume":"1","author":"Lee","year":"2014","journal-title":"International Journal of Computer Science & Information Technology (IJCSIT)"},{"issue":"1","key":"R40","doi-asserted-by":"crossref","first-page":"339","DOI":"10.1162\/003355302753399526","volume":"117","author":"Bresnahan","year":"2002","journal-title":"Quarterly Journal of Economics"},{"issue":"1","key":"R41","doi-asserted-by":"crossref","first-page":"161","DOI":"10.1108\/14637159510798248","volume":"1","author":"Zairi","year":"1995","journal-title":"Business Process Management Journal"},{"issue":"4","key":"R42","first-page":"395","volume":"7","author":"Maglio","year":"2009","journal-title":"Information Systems and eBusiness Management"},{"key":"R43","unstructured":"Houlding David, MSc, CISSP: \u00abHealth Information at Risk: Successful Strategies for Healthcare Security and Privacy\u00bb Healthcare IT Program Of ce Intel Corporation, white paper 2011"},{"key":"R44","unstructured":"d\u2019Amore Fabrizio, Fantozzi Paolo, Laura Luigi, Padovan Diego: On Enterprise Data Encryption: Good, Bad and Ugly, in press 2021, accepted paper MENACIS 2020"},{"key":"R45","unstructured":"Padovan Diego: Contact Tracing Tools and Social Media Platforms Analysis of Crossing Big Data Sources. In press 2021, accepted paper ICTO 2020."},{"key":"R46","unstructured":"Kiran A.: Privacy and Security in Big Data Management. International Journal in recent trends in engineering research, ISSN (online) 2455-1457"},{"key":"R47","unstructured":"REGULATION (EU) 2016\/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, (General Data Protection Regulation), https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/PDF\/?uri=CELEX:32016R0679"},{"key":"R48","doi-asserted-by":"crossref","first-page":"314","DOI":"10.1016\/j.ins.2014.01.015","volume":"275","author":"Chen","year":"2014","journal-title":"Information Sciences"},{"key":"R49","unstructured":"Directive 95\/46\/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data"},{"issue":"1","key":"R50","doi-asserted-by":"crossref","first-page":"2","DOI":"10.1108\/IJOPM-02-2012-0086","volume":"34","author":"Baines","year":"2013","journal-title":"Internat. J. Oper. Production Management"},{"key":"R51","doi-asserted-by":"crossref","unstructured":"Feltus Christophe: Deriving Information System Security and Privacy From Value Cocreation Theory: Case Study in the Financial Sector. International Journal of Service Science, Management, Engineering, and Technology, Volume 10 \u2022 Issue 4 \u2022 October- December 2019","DOI":"10.4018\/IJSSMET.2019100101"}],"container-title":["ITM Web of Conferences"],"original-title":[],"link":[{"URL":"https:\/\/www.itm-conferences.org\/10.1051\/itmconf\/20213802005\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,11,3]],"date-time":"2023-11-03T10:50:20Z","timestamp":1699008620000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.itm-conferences.org\/10.1051\/itmconf\/20213802005"}},"subtitle":[],"editor":[{"given":"G.","family":"Di Marzo-Serugendo","sequence":"first","affiliation":[]},{"given":"M.","family":"Dr\u0103goicea","sequence":"additional","affiliation":[]},{"given":"J.","family":"Ralyt\u00e9","sequence":"additional","affiliation":[]}],"short-title":[],"issued":{"date-parts":[[2021]]},"references-count":51,"alternative-id":["itmconf_iess2021_02005"],"URL":"https:\/\/doi.org\/10.1051\/itmconf\/20213802005","relation":{},"ISSN":["2271-2097"],"issn-type":[{"value":"2271-2097","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021]]}}}