Modeling the Resource Perspective of Business Process Compliance Rules with the Extended Compliance Rule Graph

Process-aware information systems must ensure compliance of the business processes they implement with global compliance rules related to security constraints, domain-specific guidelines, standards, and laws. Usually, respective compliance rules cover multiple process perspectives; i.e., they not only deal with the control flow perspective that restricts the sequence in which the process activities shall be executed, but also refer to other process perspectives like data, time, and resource. Although there are various approaches for specifying compliance rules (e.g., based on temporal logic and narrative patterns), only few languages allow for the visual modeling of compliance rules. In turn, existing visual languages focus on the control flow perspective, but treat the other process perspectives as second class citizens. To remedy this drawback, this paper presents an approach for the visual modeling of business process compliance rules, including the resource perspective. The suitability of this approach is evaluated in a case study that was performed by business analysts in the healthcare domain.

[1]  Akhil Kumar,et al.  Flexible Process Compliance with Semantic Constraints Using Mixed-Integer Programming , 2013, INFORMS J. Comput..

[2]  Ying Liu,et al.  A static compliance-checking framework for business process models , 2007, IBM Syst. J..

[3]  Stefanie Rinderle-Ma,et al.  On the Formal Semantics of the Extended Compliance Rule Graph , 2013 .

[4]  Zahir Tari,et al.  On the Move to Meaningful Internet Systems 2007: CoopIS, DOA, ODBASE, GADA, and IS, OTM Confederated International Conferences CoopIS, DOA, ODBASE, GADA, and IS 2007, Vilamoura, Portugal, November 25-30, 2007, Proceedings, Part II , 2007, OTM Conferences.

[5]  Johann Eder,et al.  Temporal Conformance of Federated Choreographies , 2008, DEXA.

[6]  Mike P. Papazoglou,et al.  Capturing Compliance Requirements: A Pattern-Based Approach , 2012, IEEE Software.

[7]  Mathias Weske,et al.  Specification, Verification and Explanation of Violation for Data Aware Compliance Rules , 2009, ICSOC/ServiceWave.

[8]  Wil M. P. van der Aalst,et al.  Verification of Workflow Nets , 1997, ICATPN.

[9]  Wil M. P. van der Aalst,et al.  Workflow Resource Patterns: Identification, Representation and Tool Support , 2005, CAiSE.

[10]  Stefanie Rinderle-Ma,et al.  Towards Compliance of Cross-Organizational Processes and Their Changes - Research Challenges and State of Research , 2012, Business Process Management Workshops.

[11]  Peter Dadam,et al.  On enabling integrated process compliance with semantic constraints in process management systems , 2012, Inf. Syst. Frontiers.

[12]  Dirk Fahland,et al.  Where Did I Misbehave? Diagnostic Information in Compliance Checking , 2012, BPM.

[13]  Manfred Reichert,et al.  Data-aware interaction in distributed and collaborative workflows: Modeling, semantics, correctness , 2012, 8th International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom).

[14]  Erik P. de Vink,et al.  Time and Data-Aware Analysis of Graphical Service Models in Reo , 2010, 2010 8th IEEE International Conference on Software Engineering and Formal Methods.

[15]  Peretz Shoval,et al.  Conceptual Modeling - ER 2010, 29th International Conference on Conceptual Modeling, Vancouver, BC, Canada, November 1-4, 2010. Proceedings , 2010, ER.

[16]  Serge Haddad,et al.  Application and Theory of Petri Nets , 2012, Lecture Notes in Computer Science.

[17]  Guido Governatori,et al.  Compliance aware business process design , 2008 .

[18]  Andreas Speck,et al.  Checkable Graphical Business Process Representation , 2010, ADBIS.

[19]  Akhil Kumar,et al.  A Framework for Designing Resource-Driven Workflows , 2010 .

[20]  Andreas Schaad,et al.  A case study of separation of duty properties in the context of the Austrian "eLaw" process. , 2005, SAC '05.

[21]  Aditya K. Ghose,et al.  Auditing Business Process Compliance , 2007, ICSOC.

[22]  Guido Governatori,et al.  The Journey to Business Process Compliance , 2009, Handbook of Research on Business Process Modeling.

[23]  Peter Dadam,et al.  Design and Verification of Instantiable Compliance Rule Graphs in Process-Aware Information Systems , 2010, CAiSE.

[24]  Nenad Stojanovic,et al.  Pattern-Based Design and Validation of Business Process Compliance , 2007, OTM Conferences.

[25]  Mathias Weske,et al.  Visually specifying compliance rules and explaining their violations for business processes , 2011, J. Vis. Lang. Comput..

[26]  Dirk Fahland,et al.  Diagnostic information in compliance checking , 2012 .

[27]  Akhil Kumar,et al.  A Framework for Document-Driven Workflow Systems , 2005, Business Process Management.

[28]  Peter Dadam,et al.  On Enabling Data-Aware Compliance Checking of Business Process Models , 2010, ER.

[29]  Akhil Kumar,et al.  Visual Modeling of Business Process Compliance Rules with the Support of Multiple Perspectives , 2013, ER.

[30]  Antonio Ruiz Cortés,et al.  Hints on How to Face Business Process Compliance , 2010 .

[31]  ReichertManfred,et al.  Adept _flex Supporting Dynamic Changes of Workflows Without Losing Control , 1998 .

[32]  Marlon Dumas,et al.  Service Interaction Patterns , 2005, Business Process Management.

[33]  Shazia Wasim Sadiq,et al.  Compliance checking between business processes and business contracts , 2006, 2006 10th IEEE International Enterprise Distributed Object Computing Conference (EDOC'06).

[34]  Wenfei Fan,et al.  Keys with Upward Wildcards for XML , 2001, DEXA.

[35]  Priya Narasimhan,et al.  Service-Oriented Computing - ICSOC 2007, Fifth International Conference, Vienna, Austria, September 17-20, 2007, Proceedings , 2007, ICSOC.

[36]  Manfred Reichert,et al.  Adeptflex—Supporting Dynamic Changes of Workflows Without Losing Control , 1998, Journal of Intelligent Information Systems.

[37]  Stefanie Rinderle-Ma,et al.  On Enabling Compliance of Cross-Organizational Business Processes , 2013, BPM.

[38]  Dirk Fahland,et al.  Separating Compliance Management and Business Process Management , 2011, Business Process Management Workshops.

[39]  Yoshinori Sato,et al.  Automated Certification for Compliant Cloud-based Business Processes , 2011, Bus. Inf. Syst. Eng..

[40]  Rüdiger Pryss,et al.  Ensuring compliance of distributed and collaborative workflows , 2013, 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing.

[41]  Manfred Reichert,et al.  Time patterns for process-aware information systems , 2014, Requirements Engineering.

[42]  Manfred Reichert,et al.  Ensuring business process compliance along the process life cycle , 2012 .

[43]  Mathias Weske,et al.  Interaction-centric modeling of process choreographies , 2011, Inf. Syst..

[44]  Peter Dadam,et al.  Monitoring Business Process Compliance Using Compliance Rule Graphs , 2011, OTM Conferences.

[45]  Sebastian Höhn,et al.  Model-based reasoning on the achievement of business goals , 2009, SAC '09.

[46]  Gianfranco Balbo,et al.  Application and Theory of Petri Nets 1997 , 1997 .