Quantifying the Re-identification risk of event Logs for process mining: empiricial evaluation paper

Publikationstyp
Conference Paper
Date Issued
2020-06
Sprache
English
Author(s)
Nuñez von Voigt, Saskia
Fahrenkrog-Petersen Stephan A.  
Janssen, Dominik
Koschmider, Agnes  
Tschorsch, Florian  
Mannhardt, Felix  
Landsiedel, Olaf  
Weidlich, Matthias  
TORE-URI
https://hdl.handle.net/11420/53880
First published in
Lecture notes in computer science  
Number in series
12127 LNCS
Start Page
252
End Page
267
Citation
Advanced Information Systems Engineering 32nd International Conference, CAiSE 2020: 252-267
Contribution to Conference
32nd International Conference, CAiSE 2020  
Publisher DOI
10.1007/978-3-030-49435-3_16
Scopus ID
2-s2.0-85086228997
ISBN
978-3-030-49435-3
978-3-030-49434-6
978-3-030-49436-0
Event logs recorded during the execution of business processes constitute a valuable source of information. Applying process mining techniques to them, event logs may reveal the actual process execution and enable reasoning on quantitative or qualitative process properties. However, event logs often contain sensitive information that could be related to individual process stakeholders through background information and cross-correlation. We therefore argue that, when publishing event logs, the risk of such re-identification attacks must be considered. In this paper, we show how to quantify the re-identification risk with measures for the individual uniqueness in event logs. We also report on a large-scale study that explored the individual uniqueness in a collection of publicly available event logs. Our results suggest that potentially up to all of the cases in an event log may be re-identified, which highlights the importance of privacy-preserving techniques in process mining.
DDC Class
600: Technology