Carnegie Mellon University
Browse
file.pdf (250.09 kB)

Audit Games

Download (250.09 kB)
journal contribution
posted on 2008-12-01, 00:00 authored by Jeremiah Blocki, Nicolas ChristinNicolas Christin, Anupam DattaAnupam Datta, Ariel D. Procaccia, Arunesh Sinha

Effective enforcement of laws and policies requires expending resources to prevent and detect offenders, as well as appropriate punishment schemes to deter violators. In particular, enforcement of privacy laws and policies in modern organizations that hold large volumes of personal information (e.g., hospitals, banks) relies heavily on internal audit mechanisms. We study economic considerations in the design of these mechanisms, focusing in particular on effective resource allocation and appropriate punishment schemes. We present an audit game model that is a natural generalization of a standard security game model for resource allocation with an additional punishment parameter. Computing the Stackelberg equilibrium for this game is challenging because it involves solving an optimization problem with non-convex quadratic constraints. We present an additive FPTAS that effi- ciently computes the solution.

History

Publisher Statement

All Rights Reserved

Date

2008-12-01

Usage metrics

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC