Paper Type
ERF
Abstract
Artificial Intelligence (AI) is increasingly embedded in Identity and Access Management (IAM) systems for authentication, adaptive authorization, and behavioral anomaly detection. Despite these advances, IAM research has prioritized technical optimization over ethical governance, creating risks of privacy violations, algorithmic bias, and opaque decision-making. This study proposes a three-layered governance framework artifact that operationalizes ethical AI principles—fairness, transparency, accountability, privacy, and human oversight—within AI-enabled IAM systems. Derived through a systematic literature review of 34 peer-reviewed articles and evaluated by six industry experts with 8–18 years of experience, the framework integrates a Principles Layer, Governance Layer, and Oversight and Control Layer. Expert feedback confirmed practical applicability, particularly for consent traceability and audit logging. This early-stage artifact contributes a conceptually grounded, operationally focused approach to embedding ethics into identity infrastructures.
Paper Number
1486
Recommended Citation
PARAMASHIVAIAH, MANJUNATH and Pigni, Federico, "Governance Framework for Ethical AI in Identity and Access Management" (2026). AMCIS 2026 Proceedings. 17.
https://aisel.aisnet.org/amcis2026/sig_sec/sig_sec/17
Governance Framework for Ethical AI in Identity and Access Management
Artificial Intelligence (AI) is increasingly embedded in Identity and Access Management (IAM) systems for authentication, adaptive authorization, and behavioral anomaly detection. Despite these advances, IAM research has prioritized technical optimization over ethical governance, creating risks of privacy violations, algorithmic bias, and opaque decision-making. This study proposes a three-layered governance framework artifact that operationalizes ethical AI principles—fairness, transparency, accountability, privacy, and human oversight—within AI-enabled IAM systems. Derived through a systematic literature review of 34 peer-reviewed articles and evaluated by six industry experts with 8–18 years of experience, the framework integrates a Principles Layer, Governance Layer, and Oversight and Control Layer. Expert feedback confirmed practical applicability, particularly for consent traceability and audit logging. This early-stage artifact contributes a conceptually grounded, operationally focused approach to embedding ethics into identity infrastructures.
Comments
SIG SEC