Skip to main content
Springer Nature Link
Log in

Towards Inherent Privacy Awareness in Workflows

  • Conference paper
  • First Online:
Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance (DPM 2014, QASA 2014, SETOP 2014)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8872))

  • 1720 Accesses

Abstract

This paper presents a holistic approach to the realisation of Privacy by Design in workflow environments, ensuring that workflow models are rendered privacy-aware already at their specification phase. In this direction, the proposed framework, considering the particular technical requirements stemming from data protection principles, is centred around the following features: a novel, ontology-based approach to workflow modelling, which manages, unlike all other existing technologies, to adequately capture privacy aspects pertaining to workflow execution; the appropriate codification of privacy requirements into compliance rules and directives; an automated procedure for the verification of workflow models and their subsequent transformation, if needed, so that they become inherently privacy-aware before being deployed for execution.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    Naturally, the information model may vary; still, several concepts (e.g., roles, operations, data types, etc.) are pervasive and are the focus of the following.

  2. 2.

    In Web Services terms, Operation Containers correspond to a service interface, whereas Operation Instances represent the associated operations [28].

References

  1. FP7 ICT DEMONS (DEcentralized, cooperative, and privacy-preserving MONitoring for trustworthinesS). http://www.fp7-demons.eu/

  2. van der Aalst, W.M.P., ter Hofstede, A.H.M.: YAWL: yet another workflow language. Inf. Syst. 30(4), 245–275 (2005)

    Article  Google Scholar 

  3. Alhaqbani, B., Adams, M., Fidge, C.J., ter Hofstede, A.H.M.: Privacy-aware workflow management. In: Glykas, M. (ed.) Business Process Management. SCI, vol. 444, pp. 111–128. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  4. Awad, A., Weidlich, M., Weske, M.: Visually specifying compliance rules and explaining their violations for business processes. J. Visual Lang. Comput. 22, 30–55 (2011)

    Article  Google Scholar 

  5. Ayed, S., Cuppens-Boulahia, N., Cuppens, F.: Deploying security policy in intra and inter workflow management systems. In: International Conference on Availability, Reliability and Security (ARES) (2009)

    Google Scholar 

  6. Bertino, E., Crampton, J., Paci, F.: Access control and authorization constraints for WS-BPEL. In: International Conference on Web Services (2006)

    Google Scholar 

  7. Botha, R.A., Eloff, J.H.P.: Separation of duties for access control enforcement in workflow environments. IBM Syst. J. 40(3), 666–682 (2001)

    Article  Google Scholar 

  8. Cavoukian, A.: Privacy by design: origins, meaning, and prospects for assuring privacy and trust in the information era. In: Yee, G. (ed.) Privacy Protection Measures and Technologies in Business Organizations: Aspects and Standards. IGI Global, Hershey (2012)

    Google Scholar 

  9. Cuppens, F., Cuppens-Boulahia, N.: Modeling contextual security policies. Int. J. Inf. Secur. 7(4), 285–305 (2008)

    Article  Google Scholar 

  10. Goedertier, S., Vanthienen, J.: Designing compliant business processes with obligations and permissions. In: Eder, J., Dustdar, S. (eds.) BPM Workshops 2006. LNCS, vol. 4103, pp. 5–14. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  11. Governatori, G., Hoffmann, J., Sadiq, S., Weber, I.: Detecting regulatory compliance for business process models through semantic annotations. In: Ardagna, D., Mecella, M., Yang, J. (eds.) Business Process Management Workshops. LNBIP, vol. 17, pp. 5–17. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  12. Jablonski, S., Bussler, C.: Workflow Management: Modeling, Concepts, Architecture and Implementation. International Thomson Computer Press, London (1996)

    Google Scholar 

  13. Kahn, A.B.: Topological sorting of large networks. Commun. ACM 5(11), 558–562 (1962)

    Article  MATH  Google Scholar 

  14. Koukovini, M.N., Papagiannakopoulou, E.I., Lioudakis, G.V., Dellas, N., Kaklamani, D.I., Venieris, I.S.: Privacy compliance requirements in workflow environments. In: Cruz-Cunha, M.M. (ed.) Handbook of Research on Digital Crime, Cyberspace Security, and Information Assurance. IGI Global, Hershey (2014)

    Google Scholar 

  15. Koukovini, M.N., Papagiannakopoulou, E.I., Lioudakis, G.V., Dellas, N., Kaklamani, D.I., Venieris, I.S.: Workflow modeling technologies. In: Khosrow-Pour, M. (ed.) Encyclopedia of Information Science and Technology, pp. 5348–5356. IGI Global, Hershey (2015)

    Chapter  Google Scholar 

  16. Koukovini, M.N., Papagiannakopoulou, E.I., Lioudakis, G.V., Kaklamani, D.I., Venieris, I.S.: A workflow checking approach for inherent privacy awareness in network monitoring. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cuppens-Boulahia, N., de Capitani di Vimercati, S. (eds.) DPM 2011 and SETOP 2011. LNCS, vol. 7122, pp. 295–302. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  17. Koukovini, M.N., Papagiannakopoulou, E.I., Lioudakis, G.V., Dellas, N.L., Kaklamani, D.I., Venieris, I.S.: An ontology-based approach towards comprehensive workflow modelling. IET Softw. 8(2), 73–85 (2014)

    Google Scholar 

  18. Leyla, N., Mashiyat, A.S., Wang, H., MacCaull, W.: Towards workflow verification. In: Proceedings of the 2010 Conference of the Center for Advanced Studies on Collaborative Research, CASCON 2010 (2010)

    Google Scholar 

  19. Lu, R., Sadiq, S.K., Governatori, G.: Compliance aware business process design. In: ter Hofstede, A.H.M., Benatallah, B., Paik, H.-Y. (eds.) BPM 2007 Workshops. LNCS, vol. 4928, pp. 120–131. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  20. Lu, R., Sadiq, S., Governatori, G.: Measurement of compliance distance in business processes. Inf. Syst. Manag. 25, 344–355 (2008)

    Article  Google Scholar 

  21. Ludäscher, B., Altintas, I., Bowers, S., Cummings, J., Critchlow, T., Deelman, E., De Roure, D., Freire, J., Goble, C., Jones, M., Klasky, S., McPhillips, T., Podhorszki, N., Silva, C., Taylor, I., Vouk, M.: Scientific process automation and workflow management. In: Shoshani, A., Rotem, D. (eds.) Scientific Data Management, Chap. 13. Computational Science Series. Chapman & Hall, London (2009)

    Google Scholar 

  22. Meda, H.S., Sen, A.K., Bagchi, A.: On detecting data flow errors in workflows. J. Data Inf. Qual. 2(1), 4:1–4:31 (2010)

    Google Scholar 

  23. Papagiannakopoulou, E.I., Koukovini, M.N., Lioudakis, G.V., Dellas, N., Kaklamani, D.I., Venieris, I.S.: Privacy-aware access control. In: Khosrow-Pour, M. (ed.) Encyclopedia of Information Science and Technology, pp. 4403–4411. IGI Global, Hershey (2015)

    Chapter  Google Scholar 

  24. Papagiannakopoulou, E.I., et al.: Leveraging ontologies upon a holistic privacy-aware access control model. In: Danger, J.-L., Debbabi, M., Marion, J.-Y., Garcia-Alfaro, J., Heywood, N.Z. (eds.) FPS 2013. LNCS, vol. 8352, pp. 209–226. Springer, Heidelberg (2014)

    Chapter  Google Scholar 

  25. Papagiannakopoulou, E.I., Koukovini, M.N., Lioudakis, G.V., Garcia-Alfaro, J., Kaklamani, D.I., Venieris, I.S., Cuppens, F., Cuppens-Boulahia, N.: A privacy-aware access control model for distributed network monitoring. Comput. Electr. Eng. 39(7), 2263–2281 (2013)

    Article  Google Scholar 

  26. Short, S., Kaluvuri, S.P.: A data-centric approach for privacy-aware business process enablement. In: van Sinderen, M., Johnson, P. (eds.) IWEI 2011. LNBIP, vol. 76, pp. 191–203. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  27. The Object Management Group (OMG): Business Process Modeling Notation (BPMN) Version 2.0, OMG Specification, January 2011

    Google Scholar 

  28. The World Wide Web Consortium (W3C): Web Services Description Language (WSDL) Version 2.0, W3C Standard, June 2007

    Google Scholar 

  29. Witt, S., Feja, S., Speck, A., Prietz, C.: Integrated privacy modeling and validation for business process models. In: Proceedings of the 2012 Joint EDBT/ICDT Workshops, EDBT-ICDT 2012. ACM (2012)

    Google Scholar 

  30. Wolter, C., Menzel, M., Schaad, A., Miseldine, P., Meinel, C.: Model-driven business process security requirement specification. J. Syst. Architect. 55(4), 211–223 (2009)

    Article  Google Scholar 

  31. Wolter, C., Schaad, A.: Modeling of task-based authorization constraints in BPMN. In: Alonso, G., Dadam, P., Rosemann, M. (eds.) BPM 2007. LNCS, vol. 4714, pp. 64–79. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  32. Wolter, C., Schaad, A., Meinel, C.: Task-based entailment constraints for basic workflow patterns. In: Proceedings of the 13th Symposium on Access Control Models and Technologies, SACMAT 2008. ACM (2008)

    Google Scholar 

  33. Yuan, E., Tong, J.: Attributed based access control (ABAC) for web services. In: Proceedings of the IEEE International Conference on Web Services, ICWS 2005. IEEE Computer Society (2005)

    Google Scholar 

Download references

Acknowledgment

This research was supported by the European Commission, in the frame of the FP7 DEMONS project.

Author information

Authors and Affiliations

  1. School of Electrical and Computer Engineering, National Technical University of Athens, Heroon Polytechniou 9, 15773, Athens, Greece

    Maria N. Koukovini, Eugenia I. Papagiannakopoulou, Georgios V. Lioudakis, Dimitra I. Kaklamani & Iakovos S. Venieris

  2. SingularLogic S.A., Al. Panagouli and Siniosoglou, 14234, Nea Ionia, Greece

    Nikolaos Dellas

Authors
  1. Maria N. Koukovini
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Eugenia I. Papagiannakopoulou
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Georgios V. Lioudakis
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Nikolaos Dellas
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Dimitra I. Kaklamani
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Iakovos S. Venieris
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Maria N. Koukovini .

Editor information

Editors and Affiliations

  1. Télécom SudParis, Evry, France

    Joaquin Garcia-Alfaro

  2. Universitat Autònoma de Barcelona, Bellaterra, Spain

    Jordi Herrera-Joancomartí

  3. Imperial College London, London, United Kingdom

    Emil Lupu

  4. Universität Passau, Passau, Germany

    Joachim Posegga

  5. University of Urbino, Urbino, Italy

    Alessandro Aldini

  6. Pisa Research Area, National Research Council - CNR, Pisa, Italy

    Fabio Martinelli

  7. Technische Universität Darmstadt, Darmstadt, Germany

    Neeraj Suri

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Koukovini, M.N., Papagiannakopoulou, E.I., Lioudakis, G.V., Dellas, N., Kaklamani, D.I., Venieris, I.S. (2015). Towards Inherent Privacy Awareness in Workflows. In: Garcia-Alfaro, J., et al. Data Privacy Management, Autonomous Spontaneous Security, and Security Assurance. DPM QASA SETOP 2014 2014 2014. Lecture Notes in Computer Science(), vol 8872. Springer, Cham. https://doi.org/10.1007/978-3-319-17016-9_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-17016-9_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-17015-2

  • Online ISBN: 978-3-319-17016-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics