a r t i c l e i n f o
Article history:Received 27 March 2010Accepted 17 August 2010Available online 21 August 2010
Keywords:Supply chain managementCollaborationSecure multi-party computation
a b s t r a c t
ing coordination under information asymmetry (Stadtler, 2009).Due to the prevalence of information asymmetry, informationsharing is a prerequisite for any collaborative planning approach.Individual members of the supply chain dispose of relevant (pri-vate) data regarding their own operations (e.g. cost and capacitydata, inventory levels, demand forecasts) that need to be ex-
and increase exposure to opportunism. Stadtler (2009), in a simi-lar vain, indicates that companies may not want to weaken theirfuture bargaining power by disclosing sensitive data. He argues,for example, that a supplier would not want to disclose slackcapacities because he runs the risk that the buyer will ask for pricereductions (Stadtler, 2009). Lee and Whang (2000) observe thatmembers of the supply chain are especially reluctant to share costdata because of the potential threat that their customers will takeadvantage of this information to enforce lower prices in future
Corresponding author. Tel.: +49 611 360 18 800; fax: +49 611 360 18 802.
European Journal of Operational Research 208 (2011) 7585
Contents lists availab
w.eE-mail address: firstname.lastname@example.org (Y. Zhang).1. Introduction
It is a well-acknowledged fact that collaboration between dif-ferent members of a supply chain yields a signicant potential toincrease overall supply chain performance. The benets of collab-orative supply chain planning, such as reducing overall supplychain costs and increasing service levels, have been highlightedin many theoretical and empirical studies (e.g. Vereecke andMuylle, 2006). In a general sense, supply chain collaboration(SCC) can be dened as a joint decision making process for aligningplans of individual supply chain members with the aim of achiev-
changed in order to enable joint decision-making. To align inven-tory decisions or synchronize production plans, for example,companies need to share information such as on-hand inventoryand cost/capacity data related to manufacturing and warehousing.There is, however, substantial evidence that information sharing(as a prerequisite for SCC) constitutes the most signicant obstaclefor implementation of SCC. Jap (1999), for example, states the fol-lowing: Along with the possibility of extraordinary outcomes,close collaborations also may bear signicant risks. The processof creating strategic advantages requires sharing of sensitive costand process information [. . .]. This can reduce bargaining powerInformation sharing0377-2217/$ - see front matter 2010 Elsevier B.V. Adoi:10.1016/j.ejor.2010.08.018It is a well-acknowledged fact that collaboration between different members of a supply chain yields asignicant potential to increase overall supply chain performance. Sharing private information has beenidentied as prerequisite for collaboration and, at the same time, as one of its major obstacles. One poten-tial avenue for overcoming this obstacle is Secure Multi-Party Computation (SMC). SMC is a cryptographictechnique that enables the computation of any (well-dened) mathematical function by a number of par-ties without any party having to disclose its input to another party. In this paper, we show how SMC canbe successfully employed to enable joint decision-making and benet sharing in a simple supply chainsetting. We develop secure protocols for implementing the well-known Joint Economic Lot Size (JELS)Model with benet sharing in such a way that none of the parties involved has to disclose any private(cost and capacity) data. Thereupon, we show that although computation of the models outputs can beperformed securely, the approach still faces practical limitations. These limitations are caused by thepotential of inverse optimization, i.e., a party can infer another partys private data from the outputof a collaborative planning scheme even if the computation is performed in a secure fashion. We providea detailed analysis of inverse optimization potentials and introduce the notion of stochastic security,a novel approach to assess the additional information a party may learn from joint computation and ben-et sharing. Based on our denition of stochastic security we propose a stochastic benet sharing rule,develop a secure protocol for this benet sharing rule, and assess under which conditions stochastic ben-et sharing can guarantee secure collaboration.
2010 Elsevier B.V. All rights reserved.Production, Manufacturing and Logistics
Secure collaborative supply chain planniJELS model
Richard Pibernik a,b, Yingying Zhang a,, Florian Kersca Supply Chain Management Institute, EBS Business School, Soehnleinstrasse 8F, 65201 WbMIT-Zaragoza International Logistics Program, Zaragoza Logistics Center, C/Bari 55 Pc SAP Research CEC Karlsruhe, Vincenz-Priessnitz-Strasse 1, 76131 Karlsruhe, Germany
European Journal of
journal homepage: wwll rights reserved.and inverse optimization The
aum c, Axel Schrpfer c
baden, Germany, 50197 Zaragoza, Spain
le at ScienceDirect
lsevier .com/locate /e jor
negotiations. Extensive empirical evidence for the reluctance to-
76 R. Pibernik et al. / European Journal of Opewards information sharing in the supply chain are provided byFawcett et al. (2004) and Bagchi and Skjoett-Larsen (2005). Viswa-nathan et al. (2007) identify this reluctance as the main reason fora lack of success of SCC.
In any conventional form of SCC, these problems cannot beovercome. If members of the supply chain are indeed not willingto share information other than what is considered uncritical(e.g. demand forecasts), SCC will not be put into practice. One pos-sible avenue to overcome these barriers is the application of SecureMulti-Party Computation (SMC) to collaborative planning in thesupply chain. SMC is a cryptographic technique that allows forcomputation of any (well-dened) mathematical function by anumber of parties without any party having to disclose its inputto another party. Each partys input remains private to that party,but the result can be made available to all, or only to a subset, ofthe other parties.1 Consider the following simple example to illus-trate the basic idea of SMC (Schneier, 1996): Alice, Bob and Charlieeach has a number xA, xB and xC as (private) input and want to com-pute x = xA + xB + xC. However, they do not want to disclose their pri-vate data to each other. Alice chooses a random number r andprivately sends r + xA to Bob. Bob adds his input and privately sendsr + xA + xB to Charlie. Charlie does the same with his input and sendsr + xA + xB + xC back to Alice. Alice recalls r, subtracts it from the re-ceived value r + xA + xB + xC and announces x = xA + xB + xC. Observingthe messages exchanged between Alice, Bob and Charlie, it is easy tosee that neither one of them learns the input of the other parties, e.g.Bob is blinded by the random choice r of Alice, and Alice does not getto see the message (including r + xA + xB) sent by Bob to Charlie.Cryptography research has proven that there exists such a protocolfor any well-dened function /(xA,xB, . . .) for any (nite) number ofparties (Yao, 1986; Goldreich, 2002). It is important to note thatSMC does not rely on a (trusted) third party to perform computa-tions and ensure data privacy, but is based on decentralized compu-tation implemented through so-called secure protocols.
In this paper, we show how SMC can be successfully employedin the context of SCC to overcome the problems related to revela-tion of sensitive private data. More specically, we demonstratehow joint decision-making and benet sharing can be imple-mented without disclosing private data of the individual membersof the supply chain. We use the well-known Joint Economic LotSize (JELS) Model (Banerjee, 1986) to demonstrate the potentialof SMC for collaborative supply chain planning. Although the JELSmodel is rather simplistic in that it addresses a very basic two-party problem, we consider it particularly useful in the contextof our research: rst of all, it allows us to simultaneously studyinformation sharing, joint planning and benet sharing issues ina fairly simple and intuitive setting. Also, in its conventional form,the JELS model yields closed form solutions that are easy to deriveand that lend themselves to direct development of secure protocolsfor joint decision-making, benet sharing, and further structuralanalysis.
The contributions of the research presented in this paper can besummarized as follows: we rst develop protocols that allow fordecentralized secure (privacy preserving) computation of boththe joint economic lot size and the monetary benets that areshared among the parties according to different benet sharingrules. Thereupon, we show that although computation of the mod-els outputs can be performed securely, the approach still facespractical limitations. These limitations are caused by the potentialof inverse optimization (Atallah et al., 2006): one or all parties in-volved may be able to infer some or all of the private data of other1 The basic theoretical results of secure computation have been established morethan 25 years ago. A comprehensive review of SMC can be found in Goldreich (2002).parties from the output of the joint computation (in our case thejoint economic lot size and the individual benets). For all practicalpurposes, we can assume that for parties engaged in SCC it is irrel-evant whether their data is disclosed during joint computation orcan be inferred from its results. In either case sensitive data willbe disclosed; as a consequence, the most important obstacle toSCC will prevail. We provide a detailed analysis of inverse optimi-zation potentials and identify the information that can be inferredfrom the output of the JELS model. We also introduce the notion ofstochastic security, a novel approach based on the additionalinformation a party may learn from joint computation and benetsharing. Based on our denition of stochastic security we pro-pose a stochastic benet sharing rule, provide a secure protocolfor this benet sharing rule and study, under which conditions itcan guarantee secure collaboration. Next to the development of asecure collaboration mechanism based on the JELS model, the nd-ings and insights coming from our research specically with re-spect to stochastic security can be generalized to different supplychain settings in which SMC can help overcome the problems asso-ciated with sharing sensitive data.
Our research contributes to a relatively new eld in supplychain management. To the best of our knowledge, only three pa-pers have so far addressed the application of SMC to supply chaincollaboration. Atallah et al. (2003) develop secure protocols forallocating the xed capacity of a supplier to multiple buyers. Theyconsider a different problem setting that focuses only on informa-tion sharing rather than on collaborative planning and benetsharing. Also, they do not address the problem of inverse optimiza-tion. Clifton et al. (2008) consider load swapping between indepen-dent trucking companies that have individual pick-up and deliverytasks. They develop a secure protocol for swapping loads withoutdisclosing any private information of the trucking companies, ex-cept the loads to be swapped. In their paper, they neither (haveto) explicitly consider benet sharing nor do they address theproblem of inverse optimization. Atallah et al. (2006) addressSMC in the context of collaborative planning, forecasting, andreplenishment (CPFR). They consider a two-stage serial supplier-retailer setting with non-stationary stochastic demand and providesecure protocols for both collaborative forecasting and replenish-ment. Atallah et al. are the rst to address the problem of inverseoptimization; they provide intuition into which data can belearned by the two parties involved in CPFR. Due to the complexityof their model, however, it is difcult (if not impossible) to conducta rigorous analysis of inverse optimization potentials. Moreover,they consider inverse optimization in a very strict sense, i.e., thatone party can obtain perfect knowledge about the private data ofthe other party from the outputs of the collaborative planningmechanism. In our paper, we provide secure protocols for a simpler(although practically relevant) model that also allows us to gaindeeper analytical insights into the potential of inverse optimiza-tion. In addition, our analysis is based on a less restrictive and, aswe believe, a more practical interpretation of inverse optimization.Besides assessing the potential for obtaining perfect knowledge ofanother partys private data, we also analyze how much additionalinformation can be obtained, given that each party had some priorknowledge about the private data of another party.
The remainder of this paper is organized as follows: in the nextsection, we introduce the JELS model and describe a secure proto-col for determining both the joint economic lot size and the bene-ts of the individual parties. We also provide a formal analysis ofthe private data that each party can learn from the joint planningresult from inverse optimization under deterministic conditions.In Section 3 we provide a denition of stochastic security, establish
rational Research 208 (2011) 7585general properties of this concept and analyze, under which condi-tions the JELS model with alternative benet sharing rules isstochastically secure. In Section 4 we develop a stochastic benet
that the cost increase on the buyers side is more than offset by a
f Operational Research 208 (2011) 7585 77cost decrease on the suppliers side, i.e. TRCA qB TRCAqJ >TRCBqJ TRCBqB (Banerjee, 1986). To incentivize the buyer todeviate from his individual optimal order quantity qB the suppliercan offer a side payment to compensate the cost increase on thesharing rule that can, under certain conditions, guarantee securityof the collaborative planning mechanism. Section 5 provides asummary of our major ndings and outlines the potential for fu-ture research.
2. The secure JELS model
In this section we introduce the JELS Model with alternativebenet sharing rules, describe secure protocols based on SMC thatenable secure computation of the models results and provide arst analysis of the (deterministic) security of the JELS model withalternative benet sharing rules.
2.1. The conventional JELS model
Consider a simple supply chain setting with a single supplier(party A) and a single buyer (party B) of a specic product. Thebuyer and the supplier have negotiated a xed supply quantity ofd units per period. Without loss of generality, we assume thatthe buyer decides upon his order quantity, denoted by qB, andthe (corresponding) number of orders d/qB, which he places tothe supplier. It is assumed that the supplier has sufcient capacityto fulll the buyers ord...