The online monitoring of collaborative business processes involves the integration of event data sourced from various information systems into a unified process state. The transmission of process records across organizational boundaries poses significant data secrecy and security challenges. In this context, organizations may be reluctant to outsource sensitive data with their collaborators to update a global process state. In this paper, we propose ProMTEE, a novel framework designed to tackle these challenges by resorting to trusted applications running in Trusted Execution Environments (TEEs). To showcase the potential of ProMTEE, we contextualize its four-staged interaction protocol within the realm of two online monitoring tasks, namely, control flow tracking and compliance monitoring. We verify the security of our solution through a threat analysis against a set of security requirements derived from a supply-chain scenario. In addition, we conduct an experimental assessment of our proof-of-concept implementation with tests on memory usage and latency using real-world datasets.
Secrecy Preservation for Online Process Monitoring with Trusted Execution Environment / Basile, Davide; Di Ciccio, Claudio. - 16044 LNCS:(2026), pp. 235-254. ( 23rd International Conference on Business Process Management, BPM 2025 esp ) [10.1007/978-3-032-02867-9_15].
Secrecy Preservation for Online Process Monitoring with Trusted Execution Environment
Basile, Davide
;Di Ciccio, Claudio
2026
Abstract
The online monitoring of collaborative business processes involves the integration of event data sourced from various information systems into a unified process state. The transmission of process records across organizational boundaries poses significant data secrecy and security challenges. In this context, organizations may be reluctant to outsource sensitive data with their collaborators to update a global process state. In this paper, we propose ProMTEE, a novel framework designed to tackle these challenges by resorting to trusted applications running in Trusted Execution Environments (TEEs). To showcase the potential of ProMTEE, we contextualize its four-staged interaction protocol within the realm of two online monitoring tasks, namely, control flow tracking and compliance monitoring. We verify the security of our solution through a threat analysis against a set of security requirements derived from a supply-chain scenario. In addition, we conduct an experimental assessment of our proof-of-concept implementation with tests on memory usage and latency using real-world datasets.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
