Privacy Infringement Severity
Description
Privacy Infringement Severity is a ProM plug-in
developed to aid auditors in ensuring privacy compliance. It requires a business process model and an event log as
inputs. These two inputs represent the intended behaviour of a system, respectively the actual behaviour. Given
background knowledge on the tasks, user roles, reputation and data items used in the system, the tool is able to
identify and quantify privacy infringements that may have occurred during the execution of the business process.
This way auditors can prioritize the severity of different infringements and address the most important issues in
the limited time they have available to perform a privacy audit.
Download
-
The plu-in is available on
Assembla SVN
- User Manual
People
Publications
-
Banescu, Sebastian, and Nicola Zannone. Measuring privacy compliance with process specifications.
Proceedings of the 3rd International Workshop on Security Measurements and Metrics (MetriSec 2011), pages
41-50, 2011. IEEE Computer Society.
-
Banescu, Sebastian, Milan Petković, and Nicola Zannone. Measuring Privacy Compliance Using Fitness Metrics.
Proceedings of the 10th International Conference on Business Process Management (BPM 2012), LNCS 7481,
pages 114-119, 2012. Springer.
-
Sebastian Banescu. Decision Support for Privacy Auditing. Master Thesis. Eindhoven University of
Technology. 2012