Article Preview
TopIntroduction
Recently, information sharing becomes one of the key research issues in logistics and supply chain management (Li, Sikora, Shaw, & Tan, 2006; Lin, Huang, & Lin, 2002; Yan & Woo, 2004; Cachon & Fisher, 2000; Chen, 2003). By sharing information among participants, the visibility of logistics and supply chain is improved and thus the performance of the supply chain. With the adoption of radio frequency identification (RFID) technology, information sharing among participants in a supply chain is greatly facilitated. Simultaneously, RFID enabled supply chain arises the concerns on inappropriate sharing of sensitive information such as transaction records (Juels, 2006; Weis, Sarma, Rivest, & Engels, 2003; Fokoue, Srivatsa, Rohatgi, Wrobel, & Yesberg, 2009). How to balance the conflicts between the performance improvement of supply chain and the reduction of information shared especially sensitive information becomes one of the hottest research topics now.
To protect sensitive information being shared, there are several existing approaches in the literatures. Role-based access control is proposed in (Ferraiolo, Sandhu, Gavrila, Kuhn, & Chandramouli, 2001) in which participants of a supply chain are entitled with different access right to the data shared according to their roles. Those roles are pre-defined in enterprise's database but a person might own more than one role in the same database decided by his/here actual role in organization structure. Alternatively, (Chu, Cheung, & Du, 2008) proposed a relation-based access control to handle the situation that a person has multiple roles. In their work, a partner relationship is formed to share sensitive information among participants with close inter-connection which were generally grouped by contracts in supply chain management. And the sharing scheme consists of exchanging their preference and privacy models. How to define the privacy scheme including the preference models is not mentioned in this work which is the core part in protecting sensitive information. Intuitively, how to share sensitive information and how much information will be shared depend on individual's diverse preference. It is hard to set a universal sharing standard for each participant to follow. Usually, one decides one's sharing scheme based on the negotiation result with his/her partners. Game theoretic approach then becomes the natural solution to this scenario due to its ability to model dynamic and complex situation. Related game theoretic works can be found in (Hennet & Arda, 2008; Krajewska, Kopfer, Laporte, Ropke, & Zaccour, 2008; Li, 2002). Authors in (Hennet & Arda, 2008) proposed a coordination game which coordinates participants in the supply chain with the purpose to enhance the efficiency. Authors in (Krajewska, Kopfer, Laporte, Ropke, & Zaccour, 2008) defined a cooperative game to encourage the autonomous cooperation among all participants in the supply chain. While these game theoretic approaches does not model the willingness of the participants to share sensitive information and how to share information when there exist other concerns such as privacy concern.