A Privacy-Sensitive Collaborative Approach to Business Process Development

  • Hassaan Irshad
  • Basit Shafiq
  • Jaideep VaidyaEmail author
  • Muhammad Ahmed Bashir
  • Hafiz Salman Asif
  • Sameera Ghayyur
  • Shafay Shamail
  • Adam Nabil
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 585)


The objective of this paper is to enable organizations to generate an executable business process from high level design specifications. The basic idea is to exploit the knowledge of the existing business processes of related organizations to generate an executable business process for the given organization based on its requirements. However, this requires organizations with existing business processes to share their process execution sequences. Since the execution sequences (even after data sanitization) still include sensitive business information which organizations may not want to share with their competitors, this needs to be done in a privacy-sensitive way.

Towards this, we propose a privacy preserving approach for generating a repository of business process execution sequences. The proposed approach is based on differential privacy and does not reveal any sensitive information about individual organizations. The proposed approach is designed for a collaborative environment in which organizations share their business process details with a trusted third party called Business Process Recommendation and Composition System (BPRCS). BPRCS generates a differentially private dataset of execution sequences and employs process mining and classification techniques on this dataset to regenerate the executable business process workflow. We have implemented a prototype of BPRCS in J2EE and used it to validate the approach.


Business Process Dependency Graph Execution Sequence Minimum Support Threshold Differential Privacy 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



The work of Shafiq and Shamail is supported by the LUMS Faculty Initiative Fund Grant and by HEC under the PAK-US Science and Technology Cooperation Program. The work of Vaidya is supported by the NSF under Grant No. CNS-1422501. The work of Adam is supported by the National Academies of Sciences, Engineering, and Medicine under the PAK-US Science and Technology Cooperation Program.


  1. 1.
    Awad, A., Sakr, S., Kunze, M., Weske, M.: Design by selection: a reuse-based approach for business process modeling. In: Jeusfeld, M., Delcambre, L., Ling, T.-W. (eds.) ER 2011. LNCS, vol. 6998, pp. 332–345. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  2. 2.
    Baresi, L., Guinea, S.: Self-supervising bpel processes. IEEE Trans. Softw. Eng. 37(2), 247–263 (2011)CrossRefGoogle Scholar
  3. 3.
    Bentounsi, M., Benbernou, S., Atallah, M.J.: Privacy-preserving business process outsourcing. In: 2012 IEEE 19th International Conference on Web Services (ICWS), pp. 662–663, June 2012Google Scholar
  4. 4.
    Bentounsi, M., Benbernou, S., Deme, C.S., Atallah, M.J.: Anonyfrag: an anonymization-based approach for privacy-preserving bpaas. In: Proceedings of the 1st International Workshop on Cloud Intelligence, Cloud-I 2012, pp. 9:1–9:8. ACM, NY, USA (2012)Google Scholar
  5. 5.
    Brambilla, M., Fraternali, P., Vaca, C.: BPMN and design patterns for engineering social BPM solutions. In: Daniel, F., Barkaoui, K., Dustdar, S. (eds.) BPM Workshops 2011, Part I. LNBIP, vol. 99, pp. 219–230. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  6. 6.
    Bruno, G., Dengler, F., Jennings, B., Khalaf, R., Nurcan, S., Prilla, M., Sarini, M., Schmidt, R., Silva, R.: Key challenges for enabling agile BPM with social software. J. Softw. Maintenance Evol. Res. Pract. 23(4), 297–326 (2011)CrossRefGoogle Scholar
  7. 7.
    Calinescu, R., Grunske, L., Kwiatkowska, M., Mirandola, R., Tamburrelli, G.: Dynamic QoS management and optimization in service-based systems. IEEE Trans. Software Eng. 37(3), 387–409 (2011)CrossRefGoogle Scholar
  8. 8.
    Chen, R., Fung, B.C., Desai, B.C., Sossou, N.M.: Differentially private transit data publication: a case study on the montreal transportation system. In: Proceedings of the 18th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD 2012, pp. 213–221. ACM, NY, USA (2012)Google Scholar
  9. 9.
    Chun, S., Atluri, V., Adam, N.R.: Dynamic composition of workflows for customized egovernment service delivery. In: Proceedings of the Annual National Conference on Digital Government Research, pp. 1–7. Digital Government Society of North America (2002)Google Scholar
  10. 10.
    Chun, S.A., Atluri, V., Adam, N.R.: Domain knowledge-based automatic workflow generation. In: Hameurlain, A., Cicchetti, R., Traunmüller, R. (eds.) DEXA 2002. LNCS, vol. 2453, pp. 81–93. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  11. 11.
    Chun, S.A., Atluri, V., Adam, N.R.: Using semantics for policy-based web service composition. Distrib. Parallel Databases 18(1), 37–64 (2005)CrossRefGoogle Scholar
  12. 12.
    Dengler, F., Koschmider, A., Oberweis, A., Zhang, H.: Social software for coordination of collaborative process activities. In: Muehlen, M., Su, J. (eds.) BPM 2010 Workshops. LNBIP, vol. 66, pp. 396–407. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  13. 13.
    Dwork, C.: Differential privacy. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006. LNCS, vol. 4052, pp. 1–12. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  14. 14.
    Dwork, C., McSherry, F., Nissim, K., Smith, A.: Calibrating noise to sensitivity in private data analysis. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 265–284. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  15. 15.
    Evdemon, J., Arkin, A., Barreto, A., Curbera, B., Goland, F., Kartha, G., Khalaf, L., Marin, van der Rijn, M., Yiu, Y.: Services business process execution language version 2.0. OASIS Standard, April 2007Google Scholar
  16. 16.
    Hall, M., Frank, E., Holmes, G., Pfahringer, B., Reutemann, P., Witten, I.H.: The weka data mining software: an update. ACM SIGKDD Explor. Newsl. 11(1), 10–18 (2009)CrossRefGoogle Scholar
  17. 17.
    Kerschbaum, F., Deitos, R.J.: Security against the business partner. In: Proceedings of the ACM Workshop on Secure Web Services, SWS 2008, pp. 1–10. ACM, New York, USA (2008)Google Scholar
  18. 18.
    Kifer, D., Machanavajjhala, A.: No free lunch in data privacy. In: Proceedings of the ACM SIGMOD International Conference on Management of Data, SIGMOD 2011, pp. 193–204. ACM, New York, NY, USA (2011)Google Scholar
  19. 19.
    Koschmider, A., Song, M., Reijers, H.A.: Social software for business process modeling. J. Inf. Technol. 25(3), 308–322 (2010)CrossRefGoogle Scholar
  20. 20.
    McSherry, F.D.: Privacy integrated queries: an extensible platform for privacy-preserving data analysis. In: Proceedings of the ACM SIGMOD International Conference on Management of data, SIGMOD 2009, pp. 19–30. ACM, New York, USA (2009)Google Scholar
  21. 21.
    Moser, O., Rosenberg, F., Dustdar, S.: Non-intrusive monitoring and service adaptation for WS-BPEL. In: Proceedings of the 17th International Conference on World Wide Web, WWW 2008, pp. 815–824. ACM, New York, USA (2008)Google Scholar
  22. 22.
    Paliwal, A.V., Shafiq, B., Vaidya, J., Xiong, H., Adam, N.: Semantics-based automated service discovery. IEEE Trans. Serv. Comput. 5(2), 260–275 (2012)CrossRefGoogle Scholar
  23. 23.
    Quinlan, J.R.: Induction of decision trees. Mach. Learn. 1(1), 81–106 (1986)Google Scholar
  24. 24.
    Silva, R., Zhang, J., Shanahan, J.G.: Probabilistic workflow mining. In: Proceedings of the Eleventh ACM SIGKDD International Conference on Knowledge Discovery in Data Mining, KDD 2005, pp. 275–284. ACM, New York, USA (2005)Google Scholar
  25. 25.
    Turban, E., Lee, J.K., King, D., Liang, T.P., Turban, D.: Electronic Commerce 2010. Prentice Hall Press, Upper Saddle River (2009)Google Scholar
  26. 26.
    Van der Aalst, W., Weijters, T., Maruster, L.: Workflow mining: discovering process models from event logs. IEEE Trans. Knowl. Data Eng. 16(9), 1128–1142 (2004)CrossRefGoogle Scholar
  27. 27.
    van der Aalst, W.M.P., Pesic, M., Song, M.: Beyond process mining: from the past to present and future. In: Pernici, B. (ed.) CAiSE 2010. LNCS, vol. 6051, pp. 38–52. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  28. 28.
    Wen, L., Wang, J., Aalst, W., Huang, B., Sun, J.: A novel approach for process mining based on event types. J. Intell. Inf. Syst. 32, 163–190 (2009)CrossRefGoogle Scholar
  29. 29.
    Yu, T., Zhang, Y., Lin, K.-J.: Efficient algorithms for web services selection with end-to-end QoS constraints. ACM Trans. Web (TWEB) 1(1), 6 (2007)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Hassaan Irshad
    • 1
  • Basit Shafiq
    • 1
  • Jaideep Vaidya
    • 2
    Email author
  • Muhammad Ahmed Bashir
    • 1
  • Hafiz Salman Asif
    • 2
  • Sameera Ghayyur
    • 1
  • Shafay Shamail
    • 1
  • Adam Nabil
    • 2
  1. 1.Lahore University of Management SciencesLahorePakistan
  2. 2.CIMICRutgers UniversityNewarkUSA

Personalised recommendations