@inbook{557b25184e87497b898d79e0f9fc6622,
title = "Privacy-aware workflow management",
abstract = "Information security policies play an important role in achieving information security. Confidentiality, Integrity, and Availability are classic information security goals attained by enforcing appropriate security policies. Workflow Management Systems (WfMSs) also benefit from inclusion of these policies to maintain the security of business-critical data. However, in typical WfMSs these policies are designed to enforce the organisation{\textquoteright}s security requirements but do not consider those of other stakeholders. Privacy is an important security requirement that concerns the subject of data held by an organisation. WfMSs often process sensitive data about individuals and institutions who demand that their data is properly protected, but WfMSs fail to recognise and enforce privacy policies. In this paper, we illustrate existing WfMS privacy weaknesses and introduce WfMS extensions required to enforce data privacy. We have implemented these extensions in the YAWL system and present a case scenario to demonstrate how it can enforce a subject{\textquoteright}s privacy policy.",
author = "B. Alhaqbani and M. Adams and C.J. Fidge and {Hofstede, ter}, A.H.M.",
year = "2013",
doi = "10.1007/978-3-642-28409-0_5",
language = "English",
isbn = "978-3-642-28408-3",
series = "Studies in Computational Intelligence",
publisher = "Springer",
pages = "111--128",
editor = "M. Glykas",
booktitle = "Business process management: theory and applications",
address = "Germany",
}