Compliance of Semantic Constraints - A Requirements Analysis for Process Management Systems

Key to the use of process management systems (PrMS) in practice is their ability to facilitate the implementation, execution, and adaptation of business processes while still being able to ensure error-free process executions. Mechanisms have been developed to prevent errors at the syntactic level such as deadlocks. In many application domains, processes often have to comply with business level rules and policies (i.e., semantic constraints). Hence, in order to ensure error-free executions at the semantic level, PrMS need certain control mechanisms for validating and ensuring the compliance with semantic constraints throughout the process lifecycle. In this paper, we discuss fundamental requirements for a comprehensive support of semantic constraints in PrMS. Moreover, we provide a survey on existing approaches and discuss to what extent they meet the requirements and which challenges still have to be tackled. Finally, we show how the challenge of life time compliance can be dealt with by integrating design time and runtime process validation

Towards Compliance of Cross-Organizational Processes and their Changes

Businesses require the ability to rapidly implement new processes and to quickly adapt existing ones to environmental changes including the optimization of their interactions with partners and customers. However, changes of either intra- or cross-organizational processes must not be done in an uncontrolled manner. In particular, processes are increasingly subject to compliance rules that usually stem from security constraints, corporate guidelines, standards, and laws. These compliance rules have to be considered when modeling business processes and changing existing ones. While change and compliance have been extensively discussed for intra-organizational business processes, albeit only in an isolated manner, their combination in the context of cross-organizational processes remains an open issue. In this paper, we discuss requirements and challenges to be tackled in order to ensure that changes of cross-organizational business processes preserve compliance with imposed regulations, standards and laws

Ensuring Business Process Compliance Along the Process Life Cycle

Business processes are subject to semantic constraints that stem from regulations, laws and guidelines, and are also known as compliance rules. Hence, process-aware information systems have to ensure compliance with those rules in order to guarantee semantically correct and error-free executability as well as changeability of their business processes. This report discusses how compliance rules can be defined and how business process compliance can be ensured for the different phases of the process lifecycle

Proceedings of The Multi-Agent Logics, Languages, and Organisations Federated Workshops (MALLOW 2010)

http://ceur-ws.org/Vol-627/allproceedings.pdfInternational audienceMALLOW-2010 is a third edition of a series initiated in 2007 in Durham, and pursued in 2009 in Turin. The objective, as initially stated, is to "provide a venue where: the cost of participation was minimum; participants were able to attend various workshops, so fostering collaboration and cross-fertilization; there was a friendly atmosphere and plenty of time for networking, by maximizing the time participants spent together"

Ensuring Compliance of Distributed and Collaborative Workflows

Automated workflows must comply with domain-specific regulations, standards and rules. So far, compliance issues have been mainly addressed in the context of intra-organizational workflows. In turn, there exists only little work dealing with compliance of distributed and collaborative workflows. As opposed to intra-organizational workflows, for distributed and collaborative workflows compliance must be addressed at different levels. This includes local compliance rules of a particular partner as well as global compliance rules to be obeyed by multiple partners collaborating in the distributed workflow. As a particular challenge, the private elements of a particular partner workflow are hidden to the partners and hence not known by them. Accordingly, only limited information is available when checking compliance of distributed and collaborative workflows. This paper introduces techniques enabling compliance checking for distributed and collaborative workflows, taking these privacy constraints into account. Hence it enables ensuring compliance of distributed and collaborative workflows at design time

Executable specication of open multi-agent systems

Multi-agent systems where the agents are developed by parties with competing interests, and where there is no access to an agent's internal state, are often classi ed as `open'. The members of such systems may inadvertently fail to, or even deliberately choose not to, conform to the system speci cation. Consequently, it is necessary to specify the normative relations that may exist between the members, such as permission, obligation, and institutional power. We present a framework being developed for executable speci cation of open multi-agent systems. We adopt a bird's eye view of these systems, as opposed to an agent's perspective whereby it reasons about how it should act. This paper is devoted to the presentation of various examples from the NetBill protocol formalised in terms of institutional power, permission and obligation. We express the system speci cation in the Event Calculus and execute the speci cation by means of a logic programming implementation. We also give several example formalisations of sanctions for dealing with violations of permissions and obligations. We distinguish between an open multi-agent system and the procedure by which an agent enters and leaves the system. We present examples from the speci cation of a role-management protocol for NetBill, and demonstrate the interplay between such a protocol and the corresponding multi-agent system

A Visual Language for Modeling Business Process Compliance Rules

A fundamental challenge for enterprises is to ensure compliance of their business processes with imposed compliance rules stemming from various sources, e.g., corporate guidelines, best practices, standards, and laws. In general, a compliance rule may refer to multiple process perspectives including control flow, time, data, resources, and interactions with business partners. On one hand, compliance rules should be comprehensible for domain experts who must define, verify and apply them. On the other, these rules should have a precise semantics to avoid ambiguities and enable their automated processing. Providing a visual language is advantageous in this context as it allows hiding formal details and offering an intuitive way of modeling the compliance rules. However, existing visual languages for compliance rule modeling have focused on the control flow perspective so far, but lack proper support for the other process perspectives. To remedy this drawback, this paper introduces the extended Compliance Rule Graph language, which enables the visual modeling of compliance rules with the support of multiple perspectives. Overall, this language will foster the modeling and verification of compliance rules in practice

Change and Compliance in Collaborative Processes

During their lifecycle, business processes are keen to change. Changes either concern the process model structure or the accompanying rules; e.g. compliance rules (laws and regulations). In the context of business process collaborations, several process partners collaborate together, and changing one process might result in knock-on effects on the other processes; i.e., change propagation. Since business processes are often subject to restrictions that stem from laws, regulations or guidelines; i.e., compliance rules, changing them might lead to the violations of these rules (non-compliability). So far, only the impacts of process changes in choreographies have been studied. In this work, we propose an approach that analyzes and evaluates the impacts of process changes on the different compliance rules and inversely, the impacts of compliance rule changes on the process choreography

Semantic web service choreography: contracting and enactment

Abstract. The emerging paradigm of service-oriented computing requires novel techniques for various service-related tasks. Along with automated support for service discovery, selection, negotiation, and composition, support for automated service contracting and enactment is crucial for any large scale service environment, where large numbers of clients and service providers interact. Many problems in this area involve reasoning, and a number of logic-based methods to handle these problems have emerged in the field of Semantic Web Services. In this paper, we build upon our previous work where we used Concurrent Transaction Logic (CTR) to model and reason about service contracts. We significantly extend the modeling power of the previous work by allowing iterative processes in the specification of service contracts, and we extend the proof theory of CTR to enable reasoning about such contracts. With this extension, our logic-based approach is capable of modeling general services represented using languages such as WS-BPEL

PTL: A Model Transformation Language based on Logic Programming

In this paper we present a model transformation language based on logic programming. The language, called PTL (Prolog based Transformation Language), can be considered as a hybrid language in which ATL (Atlas Transformation Language)-style rules are combined with logic rules for defining transformations. ATL-style rules are used to define mappings from source models to target models while logic rules are used as helpers. The implementation of PTL is based on the encoding of the ATL-style rules by Prolog rules. Thus, PTL makes use of Prolog as a transformation engine. We have provided a declarative semantics to PTL and proved the semantics equivalent to the encoded program. We have studied an encoding of OCL (Object Constraint Language) with Prolog goals in order to map ATL to PTL. Thus a subset of PTL can be considered equivalent to a subset of ATL. The proposed language can be also used for model validation, that is, for checking constraints on models and transformations. We have equipped our language with debugging and tracing capabilities which help developers to detect programming errors in PTL rules. Additionally, we have developed an Eclipse plugin for editing PTL programs, as well as for debugging, tracing and validation. Finally, we have evaluated the language with several transformation examples as well as tested the performance with large models