Accorsi, RafaelWonnemann, ClausAbramowicz, WitoldMaciaszek, LeszekKowalczyk, RyszardSpeck, Andreas2019-06-032019-06-032009978-3-88579-241-3https://dl.gi.de/handle/20.500.12116/23231We report on ongoing work towards a posteriori detection of illegal information flows for business processes, focusing on the challenges involved in doing so. Resembling a forensic investigation, our approach aims at analyzing the audit trails resultant from the execution of the business processes, locating informations flows that violate the (non-functional) requirements stipulated by security policies. The goal is to obtain fine-grained evidence of policy compliance with respect to information flows.enText/Conference Paper1617-5468