Privacy-aware workflow management

B. Alhaqbani, M. Adams, C.J. Fidge, A.H.M. Hofstede, ter

Research output: Chapter in Book/Report/Conference proceedingChapterAcademic

11 Citations (Scopus)

Abstract

Information security policies play an important role in achieving information security. Confidentiality, Integrity, and Availability are classic information security goals attained by enforcing appropriate security policies. Workflow Management Systems (WfMSs) also benefit from inclusion of these policies to maintain the security of business-critical data. However, in typical WfMSs these policies are designed to enforce the organisation’s security requirements but do not consider those of other stakeholders. Privacy is an important security requirement that concerns the subject of data held by an organisation. WfMSs often process sensitive data about individuals and institutions who demand that their data is properly protected, but WfMSs fail to recognise and enforce privacy policies. In this paper, we illustrate existing WfMS privacy weaknesses and introduce WfMS extensions required to enforce data privacy. We have implemented these extensions in the YAWL system and present a case scenario to demonstrate how it can enforce a subject’s privacy policy.
Original languageEnglish
Title of host publicationBusiness process management: theory and applications
EditorsM. Glykas
PublisherSpringer
Pages111-128
Number of pages457
ISBN (Print)978-3-642-28408-3
DOIs
Publication statusPublished - 2013

Publication series

NameStudies in Computational Intelligence
Volume444
ISSN (Print)1860-949X

Fingerprint

Dive into the research topics of 'Privacy-aware workflow management'. Together they form a unique fingerprint.

Cite this