10.1184/R1/6603689.v1
Jeremiah Blocki
Jeremiah
Blocki
Nicolas Christin
Nicolas
Christin
Anupam Datta
Anupam
Datta
Ariel D. Procaccia
Ariel D.
Procaccia
Arunesh Sinha
Arunesh
Sinha
Audit Games
Carnegie Mellon University
2008
computer sciences
2008-12-01 00:00:00
Journal contribution
https://kilthub.cmu.edu/articles/journal_contribution/Audit_Games/6603689
<p>Effective enforcement of laws and policies requires expending resources to prevent and detect offenders, as well as appropriate punishment schemes to deter violators. In particular, enforcement of privacy laws and policies in modern organizations that hold large volumes of personal information (e.g., hospitals, banks) relies heavily on internal audit mechanisms. We study economic considerations in the design of these mechanisms, focusing in particular on effective resource allocation and appropriate punishment schemes. We present an audit game model that is a natural generalization of a standard security game model for resource allocation with an additional punishment parameter. Computing the Stackelberg equilibrium for this game is challenging because it involves solving an optimization problem with non-convex quadratic constraints. We present an additive FPTAS that effi- ciently computes the solution.</p>