Privacy Compliance Requirements in Workflow Environments

Privacy Compliance Requirements in Workflow Environments

Maria N. Koukovini (National Technical University of Athens, Greece), Eugenia I. Papagiannakopoulou (National Technical University of Athens, Greece), Georgios V. Lioudakis (National Technical University of Athens, Greece), Nikolaos L. Dellas (SingularLogic S.A., Greece), Dimitra I. Kaklamani (National Technical University of Athens, Greece) and Iakovos S. Venieris (National Technical University of Athens, Greece)
DOI: 10.4018/978-1-5225-7113-1.ch092

Abstract

Workflow management systems are used to run day-to-day applications in numerous domains, often including exchange and processing of sensitive data. Their native “leakage-proneness,” being the consequence of their distributed and collaborative nature, calls for sophisticated mechanisms able to guarantee proper enforcement of the necessary privacy protection measures. Motivated by the principles of Privacy by Design and its potential for workflow environments, this chapter investigates the associated issues, challenges, and requirements. With the legal and regulatory provisions regarding privacy in information systems as a baseline, the chapter elaborates on the challenges and derived requirements in the context of workflow environments, taking into account the particular needs and implications of the latter. Further, it highlights important aspects that need to be considered regarding, on the one hand, the incorporation of privacy-enhancing features in the workflow models themselves and, on the other, the evaluation of the latter against privacy provisions.
Chapter Preview
Top

Background

In general terms, a workflow is a collection of tasks, i.e., well-specified steps to be completed by available resources towards performing a more complex operational procedure, along with their various interrelations, that denote the order in which tasks are executed and process the information exchanged among them, if any. A workflow is typically abstracted as a directed graph <T, E>, with the set of tasks T constituting its vertices and its edges E representing inter-task relations and associated parameters.

Complete Chapter List

Search this Book:
Reset