You are on page 1of 3

International Journal of Emerging Technologies and Engineering (IJETE)

Volume 1 Issue 8, September 2014, ISSN 2348 8050

SECURING CONTRACTS IN BUSINESS INTERACTION PROCESS


Nisha V Bhokare*, Mangesh M Kamble**, Nikhil Wadekar***
*AISSMS, Savitribai Phule Pune University, Pune
** AISSMS, Savitribai Phule Pune University, Pune
*** AISSMS, Savitribai Phule Pune University , Pune

Abstract
Contract is text formatted legal information which is
used in the business interaction. Business interaction or
activity is like bill payment, delivery, purchase order etc
this thinks are include in the contract. We use two
different approaches for securing contract in the business
using first offensive bogus information technology.
When unauthorized access is suspected and then verified
by asking two more time to enter correct OTP (i.e. One
time password),OTP will generated after the company
user login into the system by entering their own login id
password. We use a disinformation attack by returning
large amounts of bogus information to the attacker. This
protects against the misuse of the real contract data and
second dividing contract, saving it on different servers
using encryption and retrieving it by using decryption
methods.

We use a completely different approach to


securing the contract using bogus information
technology, that come to call Fog computing. We use
this technology to launch disinformation attacks against
malicious insiders, preventing them from distinguishing
the real legal business contract data from fake data. In
this paper, we propose two ways of using Fog computing
to prevent attacks such as the Twitter attack, by
deploying bogus information within personal online
social networking profiles by individual users.
1.1. Existing Approach
Existing studies on contract mainly give their
attention towards representation, compilation, working,
model-checking, extraction of business events and
temporal constraints by mining contracts in service
engagement.

2. Securing contract

Keyword-Business interaction, Activities, clustering

1. Introduction
In the modern business world, the interaction
between two or more business parties regulated through
the contract .The contract is text format information
which is used to interact with the business parties.
Business interaction or activity is like bill payment,
delivery, purchase order etc these things are include in
the contract. The contract can help to formalize business
process through which business relationship are realized.
Modern company manages a number of active
contracts for business actions contract are nothing but
text, but include rich knowledge about business
relationship, customer relationship. Securing the contract
in business process is more important and more
complex. In this paper we are trying to secure contract in
the business interaction. The contract can be hacked by
the other parties or outsider. Existing data protection
mechanisms such as encryption have been unsuccessful
in securing data theft attacks.

This approach is based on the idea of business


activities including business-related actions such as
purchase order, delivery, bill payment, etc which is
included in the business contract this legal data need to
be secure from other malicious user. To secure this we
are going to use two way security mechanisms that is
bogus information technology and dividing contract,
saving it on different servers using encryption and
retrieving it by using decryption methods. This helps us
to providing security to the business contract in business
interaction process. For encryption and decryption of
data we are going to use Blowfish algorithm.
2.1. Overview of our Approach
Figure 1 illustrates the flow of our approach
which gives the overview of our approach. First the
contract user enters their Login id and password then
login into the system that time OTP (i.e. one time
password generated then user wants to enter their OTP.
Second if the user enters incorrect OTP the system will
ask two more times to enter correct OTP.

190
www.ijete.org

International Journal of Emerging Technologies and Engineering (IJETE)


Volume 1 Issue 8, September 2014, ISSN 2348 8050

and when a malicious insider illegitimately accesses


business contracts. Bogus data stored alongside the
company real data. Once unauthorized data access and
later verified, by asking two more times to enter correct
OTP, we inundate the malicious insider with bogus
information in order to prevent the companys real
contract data. Such preventive attacks that rely on
disinformation technology could provide high levels of
security in business interaction process. Second is
dividing contract, saving it on different servers using
encryption and retrieving it by using decryption
methods.

Login

OTP Generation
Correct OTP

Incorrect OTP

Login success

Login fail

Contract

We have planned that a contract usually is


drafted and signed before the relevant business
relationship occurs; that is, a contract refers to future
behaviors.

Fake contract

5. Acknowledgment
We thank to Salvatore J. Stolfo, Malek Ben Salem, and
Angelos D. Keromytis for their support in Fog
Computing. We also thank to X. GAO, M. P. Singh, and
P. Mehra and All the authors of the papers whose
description is provided below and authors who are
working towards the same concept.

Clean contract
Clustering
Encryption
Saved on servers

References
Decryption

[1]

X. Gao, M. P. Singh, and P. Mehra, Mining


Contracts for Business Events and Temporal
Constraints in Service Engagements, IEEE
transactions on cloud computing , vol. 5, no. 3,
pp. 333344, Jul. 2013.

[2]

Salvatore J. Stolfo, Malek Ben Salem, Angelos


D. Keromytis Fog Computing: Mitigating
Insider Data Theft Attacks in the Cloud, IEEE
Symposium on Security and Privacy Works,
Under
license
to
IEEE.DOI
10.1109/SPW.2012.19

[3]

X. Gao, M. P. Singh, and P. Mehra, Mining


business contracts for service exceptions, IEEE
Transactions on Services Computing, vol. 5, no.
3, pp. 333344, Jul. 2012.

[4]

C. Molina-Jimenez, S. Shrivastava, and M.


Strano, A model for checking contractual
compliance of business interactions, IEEE
Transactions on Services Computing, vol. 5, no.
2, pp. 276289, 2012.

Fig1. Overview of our Approach


Third if still user enters incorrect OTP then login will
fail and the system will show Any Fake or bogus
contract stored online or offline alongside the company
real contract. Showing bogus contract to contaminated
user will confuse him and avoid further invalid trials.
Fourth if the company user will enter correct OTP then
login will successful and the original contract data will
show to the company user. Fifth clean the contract by
removing noise such as HTML tags and segments the
contracts into sentence collections. Sixth encrypt the
clustered data and save it on the three different servers
and when it is necessary then extract that data by
decrypting.

3. Conclusion and Future work


In this position paper, we use a novel approach
to securing business data like legal contracts. We use
two way security mechanisms, first is monitoring data
access patterns by profiling user behavior to determine if

191
www.ijete.org

International Journal of Emerging Technologies and Engineering (IJETE)


Volume 1 Issue 8, September 2014, ISSN 2348 8050

[5]

P. Radha Krishna and K. Karlapalem,


Electronic
contracts,
IEEE
Internet
Computing, vol. 12, no. 4, pp. 6068, 2008.

[6]

M. Arrington, In our inbox: Hundreds of


confidential twitter documents, July 2009.
[Online].Available:
http://techcrunch.com/2009/07/14/in-our-inboxhundreds-ofconfidential- twitter-documents/

[7]

P. Berkhin, A survey of clustering data mining


techniques, Grouping Multidimensional Data,
pp. 2571, 2006.

[8]

W. van der Aalst, Service mining: Using


process mining to discover, check, and improve
service behavior, IEEE Transactions on
Services Computing, p. 1, 2012.

192
www.ijete.org