@INPROCEEDINGS{KARA-06-STM, author = {Yuecel Karabulut and Flourean Kerschbaum and Phillip Robinson and Fabio Massacci and Artsiom Yautsiukhin}, title = {Security and Trust in IT Business Outsourcing: a Manifesto.}, booktitle = STM-06, year = {2006}, volume = {179}, pages = {47--58}, publisher = EP, abstract = {Nowadays many companies understand the bene?t of outsourcing. Yet, in current outsourcing practices, clients usually focus primarily on business objectives and se- curity is negotiated only for communication links. It is however not determined how data must be protected after transmission. Strong protection of a communication link is of little value if data can be easily stolen or corrupted while on a supplier's server. The problem raises a number of related challenges such as: identi?cation of metrics which are more suitable for security-level negotiation, client and con- tractor perspective and security guarantees in service composition scenarios. These challenges and some others are discussed in depth in the article.}, issn = {1571-0661}, pdf = {E:\user\warlock\CVS\SecureTropos\Documentation\KARA-06-STM.pdf}, url = {http://dit.unitn.it/~evtiukhi/Resources/KARA-06-STM.pdf}, }