Runtime Detection of Business Process Compliance Violations: An Approach based on Anti Patterns

Today's enterprises demand a high degree of compliance in their business processes to meet diverse regulations and legislations. Several industrial studies have shown that compliance management is a daunting task, and organizations are still struggling and spending billions of dollars annually to ensure and prove their compliance. Theoretically, design-time compliance checking could provide a preliminary assurance that corresponding running instances would be compliant to relevant laws and regulations; however, due to the existence of human and machine related errors and the absence of necessary contextual information during design-time, runtime compliance monitoring becomes a must. In this paper, we present a generic proactive runtime Business Process (BP) compliance monitoring framework: BP-MaaS, which incorporates a wide range of expressive high-level compliance patterns for the abstract specification of runtime constraints. Compliance monitoring is achieved by means of anti-patterns, a novel evaluation approach that is independent of any underlying technology and could be applied to the checking of compliance in the different phases of the BP lifecycle. As a proof-of-concept, complex event processing (CEP) technology is adopted as one of the possible realizations of the framework.