On The Prevention of Fraud and Privacy Exposure in Process Information Flow

Growing complexity of modern information processing systems in many service-oriented industries has resulted in increasing exposure of private information. This has lead to heightened security concerns related to identity theft: an employee has access to too much personally identifiable information; and snooping: an employee has opportunities to step beyond the boundaries of their work function. There are significant implementation challenges in the use of traditional role-based access controls in large-scale complex business environments with evolving processes and workforce constraints. In this paper, we develop a mathematical model for designing secure workflows in business processes where information security serves as a set of constraints. Our model enables organizations to design and adequately staff the business processes to eliminate information based security concerns. Further, our model enables design of efficient workflows that minimize security threats when significant staffing constraints exist. Our model is applicable to any digital transformation that involves confidential data sequences that carry vulnerability as is often the case in many settings such as health care, online banking, electronic payment systems, and inter-organizational data interchange