Requirements for Usage Control based Exchange of Sensitive Data in Automotive Supply Chains

Current inter-organizational data exchange is restricted to essential information that serves to fulfill contractual commitments. Restricting the exchange of data in these terms, leads to non-consideration of potential improvements in operational processes. One objective of this article is to expose the variety of reasons that prevent these data from being exchanged. The focus is paid to data that are exchangeable from a technical and legal point of view, but whose exchange is not desirable from a company's perspective for reasons like potential data misuse or competition disadvantages. Based on our findings we derive a set of requirements for a software prototype, which is properly equipped to enable the exchange of sensitive data, paving the way of fostering transparency in automotive supply chains. For this purpose, we draw from a deep single-case study in the German automotive industry dealing with the exchange of demand and capacity information.