Abstract
In general the problem of verifying whether a structured business process is compliant with a given set of regulations is NP-hard. The present paper focuses on identifying a tractable subset of this problem, namely verifying whether a structured business process is compliant with a single global obligation. Global obligations are those whose validity spans for the entire execution of a business process. We identify two types of obligations: achievement and maintenance.
In the present paper we firstly define an abstract framework capable to model the problem and secondly we define procedures and algorithms to deal with the compliance problem of checking the compliance of a structured business process with respect to a single global obligation. We show that the algorithms proposed in the paper run in polynomial time.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Kharbili M. Business process regulatory compliance management solution frameworks: a comparative evaluation. In: Proceedings of Asia-Pacific Conference on Conceptual Modelling. 2012, 23–32
Sadiq S, Governatori G. Managing regulatory compliance in business processes. In: Proceedings of International Handbooks on Information Systems. 2010, 159–175
Governatori G, Sadiq S. The journey to business process compliance. In: Cardoso J, Aalst v. d W, eds. Handbook of Research on BPM. 2009, 426–454
Governatori G, Milosevic Z, Sadiq S. Compliance checking between business processes and business contracts. In: Proceedings of the 10th International Enterprise Distributed Object Computing Conference. 2006, 221–232
Roman D, Kifer M. Reasoning about the behaviour of semantic web services with concurrent transaction logic. In: Proceedings of the 33rd International Conference on Very Large Data Bases. 2007, 627–638
Ghose A, Koliadis G. Auditing Business Process Compliance. Springer Berlin Heidelberg. 2007, 169–180
Colombo Tosatto S, Governatori G, Kelsen P. Business process regulatory compliance is hard. IEEE Transactions on Service Computing, 2014, (99): 1
Prakken H, Sergot M. Dyadic deontic logic and contrary-to-duty obligations. Defeasible Deontic Logic, 1997, 263: 223–262
Jones A, Carmo J. Deontic logic and contrary-to-duties. In: Gabbay D, Guenthner F, eds. Handbook of Philosophical Logic. 2002, 265–343
Kiepuszewski B, Hofstede A H M, Bussler C J. On structured work-flow modelling. In: Proceedings of the 12th International Conference on Advanced Information Systems Engineering. 2000, 431–445
Polyvyanyy A, García-Bañuelos L, Dumas M. Structuring acyclic process models. Information Systems, 2012, 37(6): 518–538
Keller G, Teufel T. SAP R/3 Process Oriented Implementation: Iterative Process Prototyping. Addison-Wesley, 1998
Governatori G, Hoffmann J, Sadiq S W, Weber I. Detecting regulatory compliance for business process models through semantic annotations. In: Ardagna D, Mecella M, Yang J, eds. Business Process Management Workshops. 2008, 5–17
Alchourrón C E, Gärdenfors P, Makinson D. On the logic of theory change: partial meet contraction and revision functions. Journal of Symbolic Logic, 1985, 50(2): 510–530
Governatori G, Rotolo A. Norm compliance in business process modeling. In: Proceedings of the 4th International Web Rule Symposium: Research Based and Industry Focused. 2010, 194–209
Aalst WMP, Pesic M, Schonenberg H. Declarative workflows: balancing between flexibility and support. Computer Science-Research and Development, 2009, 23(2): 99–113
Awad A, Decker G, Weske M. Efficient compliance checking using bpmn-q and temporal logic. Lecture Notes in Computer Science, 2008, 5240, 326–341
Hoffmann J, Weber I, Governatori G. On compliance checking for clausal constraints in annotated process models. Information Systems Frontiers, 2012, 14(2): 155–177
Author information
Authors and Affiliations
Corresponding author
Additional information
Silvano Colombo Tosatto studied computer science at the Università di Torino where he received the MS degree in 2010 defending his thesis entitled “Neural Symbolic Learning Systems: Neural Networks for Normative Reasoning”. He is currently working toward the PhD degree at the University of Luxembourg, where he is mainly working on the complexity of proving regulatory compliance. His main research interest is artificial intelligence, in particular agent architectures, multi-agent systems, and normative reasoning.
Pierre Kelsen received the PhD degree in computer science at the University of Illinois at Urbana-Champaign in the area of parallel graph algorithms. He is a professor of computer science at the University of Luxembourg, where he leads the Laboratory for Advanced Software Systems. He held postdoctoral positions at the University of British Columbia and the Max-Planck Institute for Informatics. His research interests include model-driven engineering, formal methods, and algorithms.
Qin Ma is a research associate in the Public Research Centre Henri Tudor in Luxembourg. She has received a PhD in computer science from the University of Paris 7 and INRIA-Rocquencourt in France in 2005. Her PhD thesis is about functional, concurrent, and object-oriented programming language design. Her main research interests are model-driven software engineering, formal semantics, regulatory compliance management, enterprise architecture, and concurrency theory.
Marwane El Kharbili developed in his PhD thesis methods and languages for enterprise regulatory compliance management of enterprise models and business processes by applying and extending techniques form formal methods, security policies and software language engineering. His core fields of research are enterprise architectures/business process management and model driven engineering. His main area of research covers the development of procedures, languages and tools for the modelling, automated verification and analysis of regulatory compliance in information systems as well as the governance thereof.
Guido Governatori received the PhD degree in legal informatics from the University of Bologna, Italy. He is a senior principal researcher in the Software Systems Research Group at NICTA, where he leads the research activities on business process compliance. He is also an adjoint professor in the BPM Group at Queensland University of Technology, Australia. His research interests include defeasible reasoning, modal deontic and non-classical logics and their applications to normative reasoning, agent systems, and business process modelling.
Leendert (Leon) van der Torre joined the University of Luxembourg as a full professor for intelligent systems in January 2006. He developed the BOID agent architecture (with colleagues from Vrije Universiteit Amsterdam), input/output logic (with David Makinson) and the game-theoretic approach to normative multiagent systems (with Guido Boella from University of Torino). He has authored over 230 papers indexed by DBLP and 30 papers in disciplines outside computer science. He is an editor of the handbook of deontic logic and normative systems (2013), deontic logic corner editor of the Journal of Logic and Computation, and member of the editorial boards of Logic Journal of the IGPL and the IfCoLog Journal of Logics and their Applications.
Rights and permissions
About this article
Cite this article
Colombo Tosatto, S., Kelsen, P., Ma, Q. et al. Algorithms for tractable compliance problems. Front. Comput. Sci. 9, 55–74 (2015). https://doi.org/10.1007/s11704-014-3239-y
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11704-014-3239-y