Dynamic Access Control to Semantics-Aware Streamed Process Logs

Marcello Leida, Paolo Ceravolo, Ernesto Damiani, Rasool Asal, Maurizio Colombo

Research output: Contribution to journalArticlepeer-review

3 Scopus citations

Abstract

Business process logs are composed of event records generated, collected and analyzed at different locations, asynchronously and under the responsibility of different authorities. Their analysis is often delegated to auditors who have a mandate for monitoring processes and computing metrics but do not always have the rights to access the individual events used to compute them. A major challenge of this scenario is reconciling the requirements of privacy and access control with the need to continuously monitor and assess the business process. In this paper, we present a model, a language and a software toolkit for controlling access to process data where logs are made available as streams of RDF triples referring to some company-specific business ontology. Our approach is based on the novel idea of dynamic enforcement: we incrementally build dynamic filters for each process instance, based on the applicable access control policy and on the current prefix of the event stream. The implementation and performance validation of our solution is also presented.

Original languageBritish English
Pages (from-to)203-218
Number of pages16
JournalJournal on Data Semantics
Volume8
Issue number3
DOIs
StatePublished - 1 Sep 2019

Fingerprint

Dive into the research topics of 'Dynamic Access Control to Semantics-Aware Streamed Process Logs'. Together they form a unique fingerprint.

Cite this