A Privacy-Preserving Approach to Conformance Checking

TL;DR

This paper introduces a privacy-preserving method for conformance checking in process mining, enabling secure comparison of models and logs without revealing sensitive data using homomorphic encryption.

Contribution

It presents a novel secure approach based on string algorithms and homomorphic encryption, allowing privacy-preserving conformance checking without exposing data.

Findings

Secure conformance checking is feasible with high memory and processing costs.

The approach works on both synthetic and real-world logs.

Homomorphic encryption enables privacy without sacrificing correctness.

Abstract

Conformance checking, one of the main process mining operations, aims to identify discrepancies between a process model and an event log. The model represents the expected behaviour, whereas the event log represents the actual process behaviour as captured in information systems records. Traditionally, the process model and the event log are both accessible to the business analyst performing the conformance checking. However, in some contexts, it is necessary to keep either the model or the log private to protect critical or sensitive information. In this paper, we propose a secure approach to conformance checking based on string processing algorithms and homomorphic encryption, where the process model and event log ar not visible to either the model's or event log's owner. The proposed technique is based on alignments, a well-known formalism used for conformance checking. An evaluation is performed using a synthetic and a real-world event log, showing that conformance checking can be securely computed at the expense of high memory and processing requirements.