Usage Control for Process Discovery Through a Trusted Execution Environment
摘要
Process mining provides valuable insights into workflows based on recorded execution data. The registered event logs often contain sensitive information as they may bear personal details about working individuals or reveal organizations’ know-how and their operations’ history. Therefore, confidentiality and privacy requirements are high priority for process mining. In this paper, we present ProMiSe, a software framework and service that allows users to control information usage for automated process discovery, from input provision, through log processing, to output consultation. Usage control rules are expressed by means of policies. ProMiSe turns them into dedicated applications running within a Trusted Execution Environment (TEE) to enforce those rules. We put our solution to the test with real-world event logs to assess its computational resource consumption and service time.