Preserving Privacy in Collaborative Business Process Composition

Hassaan Irshad, Basit Shafiq, Jaideep Vaidya, Muhammad Ahmed Bashir, Shafay Shamail, Nabil Adam


Collaborative business process composition exploits the knowledge of existing business processes of related organizations to compose an executable business process for a given organization based on its requirements and design specifications. Typically, this requires organizations to share and upload their existing business process execution sequences to a central repository. However, even after masking of confidential data, the execution sequences may still include sensitive business information which organizations may not want to share with their competitors. To address this issue, we develop a privacy-preserving Business Process Recommendation and Composition System (BPRCS), that generates a differentially private dataset of execution sequences which can be published and shared with other organizations for composition and implementation of their business processes. We also employ process mining and classification techniques on this differentially private dataset to regenerate the executable business process workflow. We experimentally validate the effectiveness of our approach.


  1. Baresi, L. and Guinea, S. (2011). Self-supervising bpel processes. IEEE Trans. Softw. Eng., 37(2):247-263.
  2. Bentounsi, M., Benbernou, S., and Atallah, M. J. (2012a). Privacy-preserving business process outsourcing. In Web Services (ICWS), 2012 IEEE 19th International Conference on, pages 662-663.
  3. Bentounsi, M., Benbernou, S., Deme, C. S., and Atallah, M. J. (2012b). Anonyfrag: An anonymization-based approach for privacy-preserving bpaas. In Proceedings of the 1st International Workshop on Cloud Intelligence, Cloud-I 7812, pages 9:1-9:8.
  4. Brambilla, M., Fraternali, P., and Vaca, C. (2012). Bpmn and design patterns for engineering social bpm solutions. In Business Process Management Workshops, pages 219-230.
  5. Bruno, G., Dengler, F., Jennings, B., Khalaf, R., Nurcan, S., Prilla, M., Sarini, M., Schmidt, R., and Silva, R. (2011). Key challenges for enabling agile bpm with social software. Journal of Software Maintenance and Evolution: Research and Practice, 23(4):297-326.
  6. Chen, R., Fung, B. C., Desai, B. C., and Sossou, N. M. (2012). Differentially private transit data publication: a case study on the montreal transportation system. In Proceedings of the 18th ACM SIGKDD international conference on Knowledge discovery and data mining, KDD 7812, pages 213-221.
  7. Chun, S., Atluri, V., and Adam, N. R. (2002a). Dynamic composition of workflows for customized egovernment service delivery. In Proceedings of the 2002 annual national conference on Digital government research, pages 1-7.
  8. Chun, S. A., Atluri, V., and Adam, N. R. (2002b). Domain knowledge-based automatic workflow generation. In Database and Expert Systems Applications, pages 81- 93.
  9. Chun, S. A., Atluri, V., and Adam, N. R. (2005). Using semantics for policy-based web service composition. Distributed and Parallel Databases, 18(1):37-64.
  10. Dengler, F., Koschmider, A., Oberweis, A., and Zhang, H. (2011). Social software for coordination of collaborative process activities. In Muehlen, M. and Su, J., editors, Business Process Management Workshops, volume 66 of Lecture Notes in Business Information Processing, pages 396-407.
  11. Dwork, C. (2006). Differential privacy. In Bugliesi, M., Preneel, B., Sassone, V., and Wegener, I., editors, Automata, Languages and Programming, volume 4052 of Lecture Notes in Computer Science, pages 1-12.
  12. Dwork, C., McSherry, F., Nissim, K., and Smith, A. (2006). Calibrating noise to sensitivity in private data analysis. In Proceedings of the Third conference on Theory of Cryptography, TCC'06, pages 265-284.
  13. Evdemon, J., Arkin, A., Barreto, A., Curbera, B., Goland, F., G.Kartha, Khalaf, L., Marin, K., van der Rijn, M., and Yiu, Y. (2007). Services business process execution language version 2.0. OASIS Standard.
  14. Kerschbaum, F. and Deitos, R. J. (2008). Security against the business partner. In Proceedings of the 2008 ACM workshop on Secure web services, SWS 7808, pages 1- 10.
  15. Kifer, D. and Machanavajjhala, A. (2011). No free lunch in data privacy. In Proceedings of the 2011 ACM SIGMOD International Conference on Management of Data, SIGMOD 7811, pages 193-204.
  16. Koschmider, A., Song, M., and Reijers, H. A. (2010). Social software for business process modeling. Journal of Information Technology, 25(3):308-322.
  17. McSherry, F. D. (2009). Privacy integrated queries: an extensible platform for privacy-preserving data analysis. In Proceedings of the 2009 ACM SIGMOD International Conference on Management of data, SIGMOD 7809, pages 19-30.
  18. Moser, O., Rosenberg, F., and Dustdar, S. (2008). Nonintrusive monitoring and service adaptation for wsbpel. In Proceedings of the 17th international conference on World Wide Web, WWW 7808, pages 815-824.
  19. Paliwal, A. V., Shafiq, B., Vaidya, J., Xiong, H., and Adam, N. (2012). Semantics-based automated service discovery. Services Computing, IEEE Transactions on, 5(2):260-275.
  20. Quinlan, J. R. (1986). Induction of decision trees. Machine Learning, 1(1):81-106.
  21. Silva, R., Zhang, J., and Shanahan, J. G. (2005). Probabilistic workflow mining. In Proceedings of the eleventh ACM SIGKDD international conference on Knowledge discovery in data mining, KDD 7805, pages 275- 284.
  22. Turban, E., Lee, J. K., King, D., Liang, T. P., and Turban, D. (2009). Electronic commerce 2010.
  23. Van der Aalst, W., Weijters, T., and Maruster, L. (Sept.). Workflow mining: discovering process models from event logs. Knowledge and Data Engineering, IEEE Transactions on, 16(9):1128-1142.
  24. van der Aalst, W. M., Pesic, M., and Song, M. (2010). Beyond process mining: from the past to present and future. In Advanced Information Systems Engineering, pages 38-52.
  25. Wen, L., Wang, J., Aalst, W., Huang, B., and Sun, J. (2009). A novel approach for process mining based on event types. Journal of Intelligent Information Systems, 32:163-190.

Paper Citation

in Harvard Style

Irshad H., Shafiq B., Vaidya J., Ahmed Bashir M., Shamail S. and Adam N. (2015). Preserving Privacy in Collaborative Business Process Composition . In Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015) ISBN 978-989-758-117-5, pages 112-123. DOI: 10.5220/0005567801120123

in Bibtex Style

author={Hassaan Irshad and Basit Shafiq and Jaideep Vaidya and Muhammad Ahmed Bashir and Shafay Shamail and Nabil Adam},
title={Preserving Privacy in Collaborative Business Process Composition},
booktitle={Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)},

in EndNote Style

JO - Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)
TI - Preserving Privacy in Collaborative Business Process Composition
SN - 978-989-758-117-5
AU - Irshad H.
AU - Shafiq B.
AU - Vaidya J.
AU - Ahmed Bashir M.
AU - Shamail S.
AU - Adam N.
PY - 2015
SP - 112
EP - 123
DO - 10.5220/0005567801120123