Process Mining is a set of techniques that aim at discovering, monitoring and improving real processes by using logs of events created and stored by corporate information systems. The growing use of information and communication technologies and the imminent wide deployment of the Internet of Things enable the massive collection of events, which are going to be studied so as to improve all kinds of systems efficiency. Despite its enormous benefits, analyzing event logs might endanger individuals privacy, especially when those logs contain personal and confidential information, such as healthcare data. This article contributes to an emerging research direction within the process mining field, known as Privacy-Preserving Process Mining (PPPM), which embraces the privacy-by-design principle when conducting process mining analyses. We show that current solutions based on pseudonyms and encryption are vulnerable to attacks based on the analysis of the distribution of events combined with well-known location-oriented attacks such as the restricted space identification and the object identification attacks. With the aim to counteract these attacks, we present u-PPPM, a novel privacy-preserving process mining technique based on the uniformization of events distributions. This approach protects the privacy of the individuals appearing in event logs while minimizing the information loss during process discovery analyses. Experimental results, conducted using six real-life event logs, demonstrate the feasibility of our approach in real settings.

流程挖掘是一组技术，旨在通过使用公司信息系统创建和存储的事件日志来发现，监视和改善实际流程。信息和通信技术的日益普及以及物联网的即将广泛部署，使大量的事件得以收集，将对其进行研究，以提高各种系统的效率。尽管事件日志具有巨大的好处，但分析事件日志可能会危害个人隐私，尤其是当这些日志包含个人和机密信息（例如医疗保健数据）时。本文为过程挖掘领域中一个新兴的研究方向做出了贡献，即隐私保护过程挖掘（PPPM），它在进行过程挖掘分析时包含了设计隐私原则。我们通过基于事件分布的分析结合已知的面向位置的攻击（例如受限空间标识和对象标识攻击），显示了基于假名和加密的当前解决方案容易受到攻击。为了抵制这些攻击，我们提出u -PPPM，这是一种基于事件分布均匀化的新颖的隐私保护过程挖掘技术。这种方法可以保护事件日志中出现的个人的隐私，同时最大程度地减少过程发现分析过程中的信息丢失。使用六个真实事件日志进行的实验结果证明了我们的方法在真实环境中的可行性。