Business process discovery as a service with event log privacy and access control over discovered models

The information systems supporting business processes of organizations generate and collect a large number of records in event logs that are exploitable in process mining tasks (discovery, conformance and enhancement). Under a Big Data scenario, Process Mining as a Service (PMaaS) can be attractive...

Full description

Saved in:
Bibliographic Details
Published in:Computing Vol. 106; no. 11; pp. 3603 - 3625
Main Authors: de la Fuente-Anaya, Hector A., Marin-Castro, Heidy M., Morales-Sandoval, Miguel, Garcia-Hernandez, Jose Juan
Format: Journal Article
Language:English
Published: Vienna Springer Vienna 01.11.2024
Springer Nature B.V
Subjects:
Access control
Artificial Intelligence
Big Data
Cloud computing
Computer Appl. in Administrative Data Processing
Computer Communication Networks
Computer Science
Cryptography
Encryption
Information systems
Information Systems Applications (incl.Internet)
Privacy
Security
Software
Software Engineering
Special Issue Article
Process mining
Access control
Privacy preservation
68P25
Event log
68T09
Cryptography
68M25
Proxy re-encryption
ISSN:0010-485X, 1436-5057
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The information systems supporting business processes of organizations generate and collect a large number of records in event logs that are exploitable in process mining tasks (discovery, conformance and enhancement). Under a Big Data scenario, Process Mining as a Service (PMaaS) can be attractive for organizations to outsource the storage of event logs and the processing resources for process mining tasks to the cloud in the presence of large event logs. However, the Cloud Service Provider (CSP) may be honest but curious, thus posing security and privacy risks when event log data are sensitive or subject to data privacy laws and regulations. In this work, a cryptography-based method is presented that preserves the privacy of event log data outsourced to an untrusted CSP, which executes the process discovery task, the most common task in process mining. The method conveniently encrypts the event log on the data owner’s side to enable the CSP to apply access control over the discovered models (encrypted) through proxy re-encryption. The proposed method is implemented as a software tool and validated and evaluated in terms of performance, scalability, and data utility using real medical (sensitive) data logs under recommended security levels. The results demonstrate the feasibility of the proposed approach to support Process Discovery as a Service (PDaaS), which enables privacy preservation and access control.
Bibliography:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:0010-485X
1436-5057
DOI:10.1007/s00607-024-01299-6