A Privacy-Sensitive Collaborative Approach to Business Process Development
The objective of this paper is to enable organizations to generate an executable business process from high level design specifications. The basic idea is to exploit the knowledge of the existing business processes of related organizations to generate an executable business process for the given organization based on its requirements. However, this requires organizations with existing business processes to share their process execution sequences. Since the execution sequences (even after data sanitization) still include sensitive business information which organizations may not want to share with their competitors, this needs to be done in a privacy-sensitive way.
Towards this, we propose a privacy preserving approach for generating a repository of business process execution sequences. The proposed approach is based on differential privacy and does not reveal any sensitive information about individual organizations. The proposed approach is designed for a collaborative environment in which organizations share their business process details with a trusted third party called Business Process Recommendation and Composition System (BPRCS). BPRCS generates a differentially private dataset of execution sequences and employs process mining and classification techniques on this dataset to regenerate the executable business process workflow. We have implemented a prototype of BPRCS in J2EE and used it to validate the approach.
KeywordsBusiness Process Dependency Graph Execution Sequence Minimum Support Threshold Differential Privacy
The work of Shafiq and Shamail is supported by the LUMS Faculty Initiative Fund Grant and by HEC under the PAK-US Science and Technology Cooperation Program. The work of Vaidya is supported by the NSF under Grant No. CNS-1422501. The work of Adam is supported by the National Academies of Sciences, Engineering, and Medicine under the PAK-US Science and Technology Cooperation Program.
- 3.Bentounsi, M., Benbernou, S., Atallah, M.J.: Privacy-preserving business process outsourcing. In: 2012 IEEE 19th International Conference on Web Services (ICWS), pp. 662–663, June 2012Google Scholar
- 4.Bentounsi, M., Benbernou, S., Deme, C.S., Atallah, M.J.: Anonyfrag: an anonymization-based approach for privacy-preserving bpaas. In: Proceedings of the 1st International Workshop on Cloud Intelligence, Cloud-I 2012, pp. 9:1–9:8. ACM, NY, USA (2012)Google Scholar
- 8.Chen, R., Fung, B.C., Desai, B.C., Sossou, N.M.: Differentially private transit data publication: a case study on the montreal transportation system. In: Proceedings of the 18th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD 2012, pp. 213–221. ACM, NY, USA (2012)Google Scholar
- 9.Chun, S., Atluri, V., Adam, N.R.: Dynamic composition of workflows for customized egovernment service delivery. In: Proceedings of the Annual National Conference on Digital Government Research, pp. 1–7. Digital Government Society of North America (2002)Google Scholar
- 15.Evdemon, J., Arkin, A., Barreto, A., Curbera, B., Goland, F., Kartha, G., Khalaf, L., Marin, van der Rijn, M., Yiu, Y.: Services business process execution language version 2.0. OASIS Standard, April 2007Google Scholar
- 17.Kerschbaum, F., Deitos, R.J.: Security against the business partner. In: Proceedings of the ACM Workshop on Secure Web Services, SWS 2008, pp. 1–10. ACM, New York, USA (2008)Google Scholar
- 18.Kifer, D., Machanavajjhala, A.: No free lunch in data privacy. In: Proceedings of the ACM SIGMOD International Conference on Management of Data, SIGMOD 2011, pp. 193–204. ACM, New York, NY, USA (2011)Google Scholar
- 20.McSherry, F.D.: Privacy integrated queries: an extensible platform for privacy-preserving data analysis. In: Proceedings of the ACM SIGMOD International Conference on Management of data, SIGMOD 2009, pp. 19–30. ACM, New York, USA (2009)Google Scholar
- 21.Moser, O., Rosenberg, F., Dustdar, S.: Non-intrusive monitoring and service adaptation for WS-BPEL. In: Proceedings of the 17th International Conference on World Wide Web, WWW 2008, pp. 815–824. ACM, New York, USA (2008)Google Scholar
- 23.Quinlan, J.R.: Induction of decision trees. Mach. Learn. 1(1), 81–106 (1986)Google Scholar
- 24.Silva, R., Zhang, J., Shanahan, J.G.: Probabilistic workflow mining. In: Proceedings of the Eleventh ACM SIGKDD International Conference on Knowledge Discovery in Data Mining, KDD 2005, pp. 275–284. ACM, New York, USA (2005)Google Scholar
- 25.Turban, E., Lee, J.K., King, D., Liang, T.P., Turban, D.: Electronic Commerce 2010. Prentice Hall Press, Upper Saddle River (2009)Google Scholar