Privacy Infringement Severity
Privacy Infringement Severity is a ProM plug-in developed to aid
auditors in ensuring privacy compliance. It requires a business process model and an event
log as inputs. These two inputs represent the intended behaviour of
a system, respectively the actual behaviour. Given background
knowledge on the tasks, user roles, reputation and data items used
in the system, the tool is able to identify and quantify privacy
infringements that may have occurred during the execution of the
business process. This way auditors can prioritize the severity of
different infringements and address the most important issues in the
limited time they have available to perform a privacy audit.
- The plu-in is available on Assembla SVN
- User Manual
- Banescu, Sebastian, and Nicola Zannone. Measuring privacy compliance with process specifications.
Proceedings of the 3rd International Workshop on Security Measurements and Metrics (MetriSec 2011), pages 41-50, 2011. IEEE Computer Society.
- Banescu, Sebastian, Milan Petković, and Nicola Zannone. Measuring Privacy Compliance Using Fitness Metrics. Proceedings of the 10th International Conference on Business Process Management (BPM 2012), LNCS 7481, pages 114-119, 2012. Springer.
- Sebastian Banescu. Decision Support for Privacy Auditing. Master Thesis. Eindhoven University of Technology. 2012