Title :
Access Governance: Flexibility with Escalation and Audit
Author :
Zhao, Xia ; Johnson, M. Eric
Abstract :
Managing information access in highly dynamic business environments is increasingly challenging. With thousands of employees accessing thousands of applications and data sources, managers strive to ensure the employees can access the information they need to create value while protecting information from misuse. We propose an access governance structure with escalation options, ensuring both flexibility and security of information. Using a game-theoretic approach, we show that properly coupling information access, audit, violation penalties and rewards can enable self-interested employees to access information in a timely manner, seizing business opportunities for the firm while managing security risks. Surprisingly we find that providing employees with more access than strictly required can reduce control costs and improve profits.
Keywords :
game theory; security of data; access governance; access information; data sources; game-theoretic approach; information access management; security of information; security risk management; Access control; Conference management; Costs; Data security; Environmental economics; Fuel economy; Hospitals; Information security; Protection; Technological innovation;
Conference_Titel :
System Sciences (HICSS), 2010 43rd Hawaii International Conference on
Conference_Location :
Honolulu, HI
Print_ISBN :
978-1-4244-5509-6
Electronic_ISBN :
1530-1605
DOI :
10.1109/HICSS.2010.42
