Towards information flow auditing in workflows
ISSN der Zeitschrift
Gesellschaft für Informatik e.V.
The paper proposes an approach for compliance audits in workflow environments based on the tracking of information flow. Requirements are formalized as a binary relation on the workflow principals. The workflows' execution logs are transferred into graph-based representations of the explicit information flows (dataflows) and adherence to compliance requirements is checked while traversing these graphs. The scope and limits are discussed and the major milestones for further work are outlined.