Privacy-aware workflow management

Alhaqbani, Bandar S., Adams, Michael J., Fidge, Colin J., & ter Hofstede, Arthur H.M. (2013) Privacy-aware workflow management. In Glykas, Michael (Ed.) Business Process Management. Springer Berlin Heidelberg, pp. 111-128.

[img] Draft Version (PDF 579kB)
Administrators only | Request a copy from author

View at publisher


Information security policies play an important role in achieving information security. Confidentiality, Integrity, and Availability are classic information security goals attained by enforcing appropriate security policies. Workflow Management Systems (WfMSs) also benefit from inclusion of these policies to maintain the security of business-critical data. However, in typical WfMSs these policies are designed to enforce the organisation’s security requirements but do not consider those of other stakeholders. Privacy is an important security requirement that concerns the subject of data held by an organisation. WfMSs often process sensitive data about individuals and institutions who demand that their data is properly protected, but WfMSs fail to recognise and enforce privacy policies. In this paper, we illustrate existing WfMS privacy weaknesses and introduce WfMS extensions required to enforce data privacy. We have implemented these extensions in the YAWL system and present a case scenario to demonstrate how it can enforce a subject’s privacy policy.

Impact and interest:

0 citations in Scopus
Search Google Scholar™

Citation counts are sourced monthly from Scopus and Web of Science® citation databases.

These databases contain citations from different subsets of available publications and different time periods and thus the citation count from each is usually different. Some works are not in either database and no count is displayed. Scopus includes citations from articles published in 1996 onwards, and Web of Science® generally from 1980 onwards.

Citations counts from the Google Scholar™ indexing service can be viewed at the linked Google Scholar™ search.

ID Code: 57923
Item Type: Book Chapter
Keywords: WorkflowManagement Systems, Privacy, Authorisation, YAWL
DOI: 10.1007/978-3-642-28409-0_5
ISBN: 9783642284090
ISSN: 1860-9503
Subjects: Australian and New Zealand Standard Research Classification > INFORMATION AND COMPUTING SCIENCES (080000) > INFORMATION SYSTEMS (080600)
Divisions: Current > Schools > School of Electrical Engineering & Computer Science
Current > Schools > School of Information Systems
Current > QUT Faculties and Divisions > Science & Engineering Faculty
Copyright Owner: Copyright 2013 Springer
Copyright Statement: The original publication is available at SpringerLink
Deposited On: 07 Mar 2013 23:54
Last Modified: 28 Nov 2015 09:45

Export: EndNote | Dublin Core | BibTeX

Repository Staff Only: item control page