Abstract

http://ssrn.com/abstract=1490186
 


 



On The Prevention of Fraud and Privacy Exposure in Process Information Flow


Xue Bai


University of Connecticut, School of Business

Ram D. Gopal


University of Connecticut - Department of Operations & Information Management

Manuel Nunez


University of Connecticut - Department of Operations & Information Management

Dmitry Zhdanov


University of Connecticut - School of Business

October 16, 2009


Abstract:     
Growing complexity of modern information processing systems in many service-oriented industries has resulted in increasing exposure of private information. This has lead to heightened security concerns related to identity theft: an employee has access to too much personally identifiable information; and snooping: an employee has opportunities to step beyond the boundaries of their work function. There are significant implementation challenges in the use of traditional role-based access controls in large-scale complex business environments with evolving processes and workforce constraints. In this paper, we develop a mathematical model for designing secure workflows in business processes where information security serves as a set of constraints. Our model enables organizations to design and adequately staff the business processes to eliminate information based security concerns. Further, our model enables design of efficient workflows that minimize security threats when significant staffing constraints exist. Our model is applicable to any digital transformation that involves confidential data sequences that carry vulnerability as is often the case in many settings such as health care, online banking, electronic payment systems, and inter-organizational data interchange.

Keywords: business process, workflow design, security, confidentiality, queueing theory, open Jackson networks

working papers series


Not Available For Download

Date posted: October 17, 2009 ; Last revised: July 1, 2010

Suggested Citation

Bai, Xue and Gopal, Ram D. and Nunez, Manuel and Zhdanov, Dmitry, On The Prevention of Fraud and Privacy Exposure in Process Information Flow (October 16, 2009). Available at SSRN: http://ssrn.com/abstract=1490186

Contact Information

Xue Bai (Contact Author)
University of Connecticut, School of Business ( email )
368 Fairfield Road
Storrs, CT 06269-2041
United States
HOME PAGE: http://www.business.uconn.edu/cms/p461/u823/mc/r
Ram D. Gopal
University of Connecticut - Department of Operations & Information Management ( email )
368 Fairfield Road
Storrs, CT 06269-2041
United States
Manuel Nunez
University of Connecticut - Department of Operations & Information Management ( email )
368 Fairfield Road
Storrs, CT 06269-2041
United States
Dmitry Zhdanov
University of Connecticut - School of Business ( email )
368 Fairfield Road
Storrs, CT 06269-2041
United States
Feedback to SSRN


Paper statistics
Abstract Views: 311

© 2014 Social Science Electronic Publishing, Inc. All Rights Reserved.  FAQ   Terms of Use   Privacy Policy   Copyright   Contact Us
This page was processed by apollo8 in 0.328 seconds