Privacy-aware Process Performance Indicators: Framework and Release Mechanisms

TL;DR

This paper introduces a privacy-preserving framework for computing process performance indicators (PPIs) that balances data utility with privacy guarantees using differential privacy, validated through experiments and comparisons.

Contribution

It presents a novel framework and data release mechanisms for privacy-aware PPIs based on the PPINOT meta-model, with provable privacy guarantees.

Findings

Framework is feasible for privacy-preserving PPI computation

Trade-offs between data utility and privacy are demonstrated

Comparison shows advantages over traditional privatization approaches

Abstract

Process performance indicators (PPIs) are metrics to quantify the degree with which organizational goals defined based on business processes are fulfilled. They exploit the event logs recorded by information systems during the execution of business processes, thereby providing a basis for process monitoring and subsequent optimization. However, PPIs are often evaluated on processes that involve individuals, which implies an inevitable risk of privacy intrusion. In this paper, we address the demand for privacy protection in the computation of PPIs. We first present a framework that enforces control over the data exploited for process monitoring. We then show how PPIs defined based on the established PPINOT meta-model are instantiated in this framework through a set of data release mechanisms. These mechanisms are designed to provide provable guarantees in terms of differential privacy. We evaluate our framework and the release mechanisms in a series of controlled experiments. We further use a public event log to compare our framework with approaches based on privatization of event logs. The results demonstrate feasibility and shed light on the trade-offs between data utility and privacy guarantees in the computation of PPIs.