The Peninsula Hotels
In this paper, the authors present IFAudit, an approach for the audit of dataflow policies in workflow models. IFAudit encompasses three steps. First, propagation graphs are generated from workflows' log data. They represent the explicit information flows caused, e.g., by data access and message-passing, that have occurred during the execution of the workflow. Second, dataflow policies expressing security and compliance requirements are formalized in a system-independent manner as a binary relation on the workflow principals. Third, an audit algorithm analyzes the propagation graphs against the policies and delivers evidence with regard to whether the workflow complies with them. Besides presenting the corresponding algorithms, the paper discusses possible extensions to address more general types of information flows.