Skip to Main Content
This paper presents RecIF, a forensic technique for the analysis of business process logs to detect illegal data flows. RecIF uses propagation graphs to formally capture the data flow within a process execution. Abstracting away from the concrete traces, propagation graphs are analyzed with extensional data flow policies that denote what - instead of how - relevant industrial requirements, e.g. Chinese Wall and separation of duty constraints, are to be achieved. An example and the corresponding runtime figures demonstrate the feasibility of the approach.