More from day 2 of BPM 2012.
The Difficulty of Replacing an Inclusive OR-Join
Cédric Favre of IBM Research presented the first paper of the session on some of the difficulties in translation between different forms of process models. One specific problem is replacing an inclusive OR join from a language such as BPMN, that supports them, to one that does not, such as Petri nets, while maintaining the same behavior in the workflow graph.
In the paper, they identify which IOR joins can be replaced locally using XOR and AND logic, and a non-local replacement technique. They also identify processes where an IOR join in a synchronization role cannot be replaced by XOR and AND logic.
This research is useful in looking at automated translation between different modeling languages, although questions raised by the audience pointed out some of the limitations of the approach, as well as considering that acyclic models (which were all that were considered in this research) could be easily translated from BPMN to BPEL, and that many BPEL to Petri net translators already exist.
Automatic Information Flow Analysis of Business Process Models
[link to pdf paper]
Andreas Lehmann of University of Rostock presented a paper on detecting where data and information leaks can occur due to structural flaws in processes; they define a data leak as direct (but illegal) access to a data object, while an information leak is when secret information can be inferred by someone who should not have access to that information. This research specifically looks at predefined structured processes within an organization; the issues in collaborative processes with ad hoc participants is obviously a bit more complex.
In a process where some tasks are confidential and others are observable (public within a certain domain, such as within a company), confidential tasks may be prerequisites for observable tasks, meaning that someone who knows that the observable task is happening also knows that the confidential task must have occurred. Similarly, if the confidential and observable tasks are mutually exclusive, then someone who knows that the observable task has not occurred knows that the confidential task has occurred instead. These are both referred to as “interferences”, and they have developed an approach to detect these sorts of interferences, then create extended Petri nets for the flow that can be used to identify reachability (which identifies whether an information leak can occur). Their work has included optimizing the algorithms to accomplish this information leak detection, and you can find out more about this at the service-technology website.
Definitely some interesting ideas here that can be applicable in a number of processes: their example was an insurance claim where an internal fraud investigation would be initiated based on some conditions, but the people participating in the process shouldn’t know that the investigation had begun since they were the ones being investigated. Note that their research is only concerned with detecting the information flows, but does not provide methods for removing information leaks from the processes.