Seeliger, Alexander ; Nolle, Timo ; Schmidt, Benedikt ; Mühlhäuser, Max (2016)
Process Compliance Checking using Taint Flow Analysis.
Dublin, Ireland
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
Due to the growing complexity of processes, regulations, policies and guidelines (e.g., Sarbanes-Oxley-Act) computer-assisted business process analysis - known as process mining - is becoming more and more relevant for organisations. One discipline of process mining is backward compliance checking, which aims to detect non-compliant process variants based on historic data. Most existing approaches compare the "as-is" view with desired process models. However, most organisations do not maintain such models, making such approaches less attractive. This paper proposes a process flow analysis which uses graph-reachability to check whether the actual "as-is" process graph violates compliance constraints. Our approach is inspired by the taint flow algorithm which is used in code analysis to identify security vulnerabilities in software applications. We conducted a case study evaluating the compliance of event logs and performed a benchmark to show that our approach outperforms the LTL checker and the PetriNet pattern approach in ProM.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2016 |
| Autor(en): | Seeliger, Alexander ; Nolle, Timo ; Schmidt, Benedikt ; Mühlhäuser, Max |
| Art des Eintrags: | Bibliographie |
| Titel: | Process Compliance Checking using Taint Flow Analysis |
| Sprache: | Englisch |
| Publikationsjahr: | 11 Dezember 2016 |
| Verlag: | AIS |
| Buchtitel: | Proceedings of the 37th International Conference on Information Systems (ICIS) |
| Band einer Reihe: | 37 |
| Veranstaltungsort: | Dublin, Ireland |
| Zugehörige Links: | |
| Kurzbeschreibung (Abstract): | Due to the growing complexity of processes, regulations, policies and guidelines (e.g., Sarbanes-Oxley-Act) computer-assisted business process analysis - known as process mining - is becoming more and more relevant for organisations. One discipline of process mining is backward compliance checking, which aims to detect non-compliant process variants based on historic data. Most existing approaches compare the "as-is" view with desired process models. However, most organisations do not maintain such models, making such approaches less attractive. This paper proposes a process flow analysis which uses graph-reachability to check whether the actual "as-is" process graph violates compliance constraints. Our approach is inspired by the taint flow algorithm which is used in code analysis to identify security vulnerabilities in software applications. We conducted a case study evaluating the compliance of event logs and performed a benchmark to show that our approach outperforms the LTL checker and the PetriNet pattern approach in ProM. |
| ID-Nummer: | TUD-CS-2016-1455 |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik 20 Fachbereich Informatik > Telekooperation LOEWE LOEWE > LOEWE-Schwerpunkte LOEWE > LOEWE-Schwerpunkte > NICER – Vernetzte infrastrukturlose Kooperation zur Krisenbewältigung |
| Hinterlegungsdatum: | 31 Dez 2016 12:59 |
| Letzte Änderung: | 14 Jun 2021 06:14 |
| PPN: | |
| Zugehörige Links: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum