Privacy-preserving process mining: A microaggregation-based approach

Identifier:  imarina:9266895

Handle: https://hdl.handle.net/20.500.11797/imarina9266895

Authors:  Batista, Edgar; Martinez-Balleste, Antoni; Solanas, Agusti

Abstract:
The proper exploitation of vast amounts of event data by means of process mining techniques enables the discovery, monitoring and improvement of business processes, allowing organizations to develop more efficient business intelligence systems. However, event data often contain personal and/or confidential information that, unless properly managed, may jeopardize people's privacy while conducting process mining analysis. Despite its relevance, privacy aspects have barely been considered within process mining, and the field of privacy-preserving process mining is still in an embryonic stage. With the aim to protect people's privacy, this article presents a novel privacy-preserving process mining method based on microaggregation techniques, called k-PPPM, that increases privacy in process mining through k-anonymity. Contrary to current solutions, mostly based on pseudonyms and encryption, this method averts the re-identification of targeted individuals from attacks based on the analysis of process models in combination with location-oriented attacks, such as Restricted Space Identification and Object Identification attacks. The proposed method provides adjustable parameters to tune different anonymization aspects. Six real-life event logs have been employed to evaluate the method in terms of process models quality and information loss.