<p>Organizations that collect and use large volumes of personal information are expected under the principle of accountable data governance to take measures to protect data subjects from risks that arise from inapproriate uses of this information. In this paper, we focus on a specific class of mechanisms—audits to identify policy violators coupled with punishments—that organizations such as hospitals, financial institutions, and Web services companies may adopt to protect data subjects from privacy and security risks stemming from inappropriate information use by insiders. We model the interaction between the organization (defender) and an insider (adversary) during the audit process as a repeated game. We then present an audit strategy for...
It is well understood that security informatics is constrained by the availability of reliable data ...
International audienceOpaque communications between groups of data processors leave individuals out ...
With the increase in digital automation of financial statements and computer-based audit evidence, I...
Organizations that collect and use large volumes of personal information are expected under the prin...
<p>Modern organizations (e.g., hospitals, banks, social networks, search engines) hold large volumes...
<p>Effective enforcement of laws and policies requires expending resources to prevent and detect off...
We introduce a game-theoretic model to investigate the strategic interaction between a cyber insuran...
none4siPurpose: Privacy concerns and data security are changing the risks for businesses and organis...
This study examines a mathematical model to determine the timing and consequently volume of transact...
Current legal frameworks for data protection have a number of flaws. The notion of informed consent ...
Modern organizations (e.g., hospitals, social networks, government agencies) rely heavily on audit t...
Modern organizations (e.g., hospitals, social networks, gov-ernment agencies) rely heavily on audit ...
Due to the rise of data breaches, organisations constantly need to develop new strategies and securi...
© 2016 by the Association for Information Systems.Privacy and security concerns are pervasive becaus...
Modern organizations (e.g., hospitals, social networks, gov-ernment agencies) rely heavily on audit ...
It is well understood that security informatics is constrained by the availability of reliable data ...
International audienceOpaque communications between groups of data processors leave individuals out ...
With the increase in digital automation of financial statements and computer-based audit evidence, I...
Organizations that collect and use large volumes of personal information are expected under the prin...
<p>Modern organizations (e.g., hospitals, banks, social networks, search engines) hold large volumes...
<p>Effective enforcement of laws and policies requires expending resources to prevent and detect off...
We introduce a game-theoretic model to investigate the strategic interaction between a cyber insuran...
none4siPurpose: Privacy concerns and data security are changing the risks for businesses and organis...
This study examines a mathematical model to determine the timing and consequently volume of transact...
Current legal frameworks for data protection have a number of flaws. The notion of informed consent ...
Modern organizations (e.g., hospitals, social networks, government agencies) rely heavily on audit t...
Modern organizations (e.g., hospitals, social networks, gov-ernment agencies) rely heavily on audit ...
Due to the rise of data breaches, organisations constantly need to develop new strategies and securi...
© 2016 by the Association for Information Systems.Privacy and security concerns are pervasive becaus...
Modern organizations (e.g., hospitals, social networks, gov-ernment agencies) rely heavily on audit ...
It is well understood that security informatics is constrained by the availability of reliable data ...
International audienceOpaque communications between groups of data processors leave individuals out ...
With the increase in digital automation of financial statements and computer-based audit evidence, I...