We begin by making the distinction between a decision-making process about security and the security, or accessibility, parameters of components of the decision-making process. A decision-making process about security might include the decisions needed to secure a corporate computer network. The security, or accessibility parameters, of each component of the decision-making model refers to who can know about particular parts of the decision and under what conditions. The following discussion concerns the latter issue of providing security meta-data to individual components of a decision-making process. To better understand how we might use security in the decision-making model, consider a decision-making model for a marketing plan created during a strategy meeting by the board of directors of a large company. Decision points in the marketing plan may reference confidential intellectual property of the company itself, or confidential intellectual property of partnering companies obtained through non-disclosure agreements, or sensitive financial information from all participants. Awareness that the marketing plan used this information and the details of this information should have accessibility restrictions placed on components of the plan, so that only particular information components go to the right people in the right departments of the companies involved. Furthermore, even when the details of the marketing plan can be circulated to particular people or departments within the participating companies, we would want associated security meta-data included to facilitate controls for the sake of efficiency. For example, marketing agents in the field may need only certain details of the marketing plan, while the financial department might need a different set of the decision details.
Security management of components of a decision process generalizes to a three part restriction based on the hierarchical level of the recipient, the release group to which the individual belongs, and whether the person needs to know that part of the decision. Access to a particular detail of a decision means a person must be at the appropriate hierarchical level, belong to a group to which that decision detail has purview, and have a need within that group to have access to that decision detail.
Security management, including security hierarchical levels, release groups, and need to know descriptors included in decision meta-data, affords several benefits. First, security management improves the ability and willingness of people and organizations to share their decisions. If people feel secure that the private, proprietary or sensitive portions of their decision are secure, they will be more willing to share the decision with others. Second, security management improves the ability to deliver the right information to the right person at the right time. By specifying the appropriate access levels and need-to-know, the information can be routed more effectively to those who have the purpose and responsibility to act on the information. Third, security management addresses the issue of tracking controlled information. The inclusion of these access controls makes it easier to track information so that we know who has or does not have the information.
Security management is most effective and efficient if the information managed is modular, which allows the security to be applied in a granular way on only those components that require it. If information is not modular, the security meta-data can be applied too broadly or too narrowly, which is both inaccurate and inappropriate because it impedes information sharing. This modularity also has other benefits. When components of a decision can be referenced as a separate distinct module, rather than explicitly included, then appropriate choices can be made to support distributed low-bandwidth clients. This modularity prevents information overload by removing overwhelming details of a decision from the pertinent information provided to a person tasked with enacting the decision. Reducing the amount of decision information sent to people on the ground makes sense in situations like disaster relief where issues of limited communication bandwidth and device battery life must be handled without affecting the decision process. Sending too much unnecessary information to many people can overload the communication channels and prematurely deplete battery-life in critical mobile communication devices, as well as force people to search through inordinate amounts of information for the specific piece of information they need to do their jobs.