Process performance indicators (PPIs) are metrics that quantify the degree to which organizational goals defined on the basis of business processes are fulfilled. They exploit the event logs recorded by information systems during the execution of business processes, thereby providing a basis for process monitoring and subsequent optimization. However, PPIs are often evaluated on processes that involve individuals, which implies an inevitable risk of privacy intrusion. In this paper, we address the demand for privacy protection in the computation of PPIs. We first present a framework that enforces control over the data exploited for process monitoring. We then show how PPIs defined on the basis of the established PPINOT meta-model are instantiated in this framework through a set of data release mechanisms. These mechanisms are designed to provide provable guarantees in terms of differential privacy. We evaluate our framework and the release mechanisms in a series of controlled experiments. We further use a public event log to compare our framework with approaches based on privatization of event logs. The results demonstrate feasibility and shed light on the trade-offs between data utility and privacy guarantees in the computation of PPIs.
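As an added illustration of the kind of release mechanism the abstract refers to (this is not the paper's own mechanism or code), the Python below computes a simple PPI, the fraction of cases closed within a deadline, from a constructed event log and releases it under epsilon-differential privacy with the Laplace mechanism; the event log, the case-level notion of neighbouring logs and the even budget split are assumptions made for the example.

```python
import math
import random
from datetime import datetime

# Constructed event log (case_id, activity, ISO timestamp); not from the paper.
EVENT_LOG = [
    ("c1", "Receive request", "2023-01-02T09:00"), ("c1", "Close request", "2023-01-02T17:00"),
    ("c2", "Receive request", "2023-01-02T10:00"), ("c2", "Close request", "2023-01-04T10:00"),
    ("c3", "Receive request", "2023-01-03T08:00"), ("c3", "Close request", "2023-01-03T20:00"),
    ("c4", "Receive request", "2023-01-03T09:00"), ("c4", "Close request", "2023-01-05T15:00"),
    ("c5", "Receive request", "2023-01-04T11:00"), ("c5", "Close request", "2023-01-04T13:30"),
]

def cycle_time_hours(log):
    """Per-case duration from its first to its last event, in hours."""
    first, last = {}, {}
    for case, _, ts in log:
        t = datetime.fromisoformat(ts)
        first[case] = min(first.get(case, t), t)
        last[case] = max(last.get(case, t), t)
    return {c: (last[c] - first[c]).total_seconds() / 3600 for c in first}

def ppi_counts(log, max_hours):
    """Exact PPI ingredients: number of cases closed within max_hours, and total cases."""
    ct = cycle_time_hours(log)
    return sum(1 for h in ct.values() if h <= max_hours), len(ct)

def laplace_noise(scale, u):
    """Inverse-CDF Laplace sample for u in (-0.5, 0.5); u = 0 gives zero noise."""
    a = min(abs(u), 0.5 - 1e-12)  # guard against log(0) at the boundary
    return -scale * math.copysign(1.0, u) * math.log(1 - 2 * a)

def release_ppi(log, max_hours, epsilon, u_count, u_total):
    """epsilon-DP release of the 'closed within max_hours' fraction (assumed design).
    Neighbouring logs differ in one whole case, so each count has sensitivity 1;
    the budget is split evenly between the numerator and the case total."""
    within, total = ppi_counts(log, max_hours)
    scale = 1.0 / (epsilon / 2)
    noisy_within = within + laplace_noise(scale, u_count)
    noisy_total = total + laplace_noise(scale, u_total)
    if noisy_total <= 0:
        return 0.0  # degenerate release: the noised case total fell to zero or below
    return min(1.0, max(0.0, noisy_within / noisy_total))

def mean_abs_error(log, max_hours, epsilon, trials=2000, seed=7):
    """Utility measure: average |released - exact| over repeated releases."""
    rng = random.Random(seed)
    within, total = ppi_counts(log, max_hours)
    exact, err = within / total, 0.0
    for _ in range(trials):
        u1, u2 = rng.random() - 0.5, rng.random() - 0.5
        err += abs(release_ppi(log, max_hours, epsilon, u1, u2) - exact)
    return err / trials
```

Comparing `mean_abs_error` for a small and a large epsilon shows the utility-privacy trade-off the abstract mentions: a tighter budget gives a noisier indicator.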