• Wadha Labda

Student thesis: Phd


Business process models are often used to model and optimize business processes and their constituent activities. They provide adequate abstractions for representing a business system, comprising both a business process and its supporting information system in terms of the interactions between people, organizations and technical systems. Despite the widespread adoption and success of graphical languages such as BPMN (Business Process Modelling Notation), these modelling languages do not incorporate sufficient support for representing non- functional properties such as privacy and security constraints. Representing privacy constraints at early stages of business system modelling helps to represent user requirements with respect to these constraints and allows checkers to detect possible violations of these requirements. The importance of representing privacy constraints in such models arises particularly with the availability online of vast amounts of information about all aspects of our lives. Most of the existing methods, techniques and tools focus on implementing security constraints such as authentication, authorization and confidentiality. Some existing methods include privacy as one constraint of security; however, this does not give details about what privacy is protecting or what the specific privacy constraints are. Privacy has several constraints such as user consent, access control and purpose bindings, ensuring that data are not used for other than the specified purpose. These constraints have to be presented so that the business analyst and developer have an in-depth view of what is protected, how it is protected and from whom it should be protected. This makes business decisions more accurate and avoids any leakage of private information to unauthorized users. The aim of this research is to complement existing business process modelling (BPM) languages with tailored techniques for modelling and reasoning about privacy issues. The privacy modelling techniques are embedded within business process models to enable reasoning about privacy requirements in business processes. This is achieved by developing a privacy-aware extension of BPMN, which is the de facto standard of BPM languages. The contribution of this thesis is a privacy-aware extension of BPMN called PrvBPMN; its novelty arises from providing cognitively effective visual notations of privacy constraints in business process models and providing formalism about these constraints. The formalism is achieved by using description logic formalism, OWL DL and SWRL, which helps to identify places where privacy constraints may be violated when using it with formal reasoning methods. The design science research method was followed at all stages of the research. To demonstrate the effectiveness of PrvBPMN, both analytical and end-user evaluation methods were used to evaluate the ontological completeness, cognitive effectiveness and usefulness of PrvBPMN. For the analytical evaluation, two types of methods were used: ontological analysis using the BWW model, and the semiotic quality framework. The cognitive effectiveness of the notation syntax was assured by basing it on the physics of notations theory and evaluating it against the nine guidelines incorporated in this theory. Finally, an end-user evaluation was implemented, using surveys and a comparison between PrvBPMN and the existing approach of Mülle. It showed that PrvBPMN could be potentially useful in practical BPM.
Date of Award31 Dec 2018
Original languageEnglish
Awarding Institution
  • The University of Manchester
SupervisorNikolay Mehandjiev (Supervisor) & Pedro Sampaio (Supervisor)


  • BPMN
  • Privacy Modelling

Cite this