- The paper introduces a privacy-preserving token-based replay mechanism leveraging fully homomorphic encryption to securely compute conformance metrics over encrypted data.
- It redefines token-based replay as matrix operations and employs vectorized computations over encrypted markings to ensure no sensitive data is exposed.
- Experimental results show feasible runtimes for short traces with room for optimization in scalability and ciphertext size management.
Introduction and Context
This paper addresses the challenge of privacy-preserving conformance checking in process mining by introducing a homomorphically encrypted version of the token-based replay algorithm. Conformance checking typically requires full access to both the process model (usually represented as a Petri net) and the event log capturing observed process executions. However, scenarios increasingly arise where organizations need to verify conformance without exposing sensitive process or log data, notably in inter-organizational collaboration or when benchmarking private business operations. The proposed framework leverages fully homomorphic encryption (FHE) to facilitate conformance checking when the process model and the event log are held by mutually distrusting parties, enabling computation directly over encrypted vectors and matrices.
Technical Overview and System Architecture
The approach re-formulates the standard token-based replay conformance checking as a sequence of matrix and vector operations. The core innovation is the use of the marking equation over encrypted data to perform replay semantics in a privacy-preserving manner. The interaction involves a client-server model in which:
- The event log owner encodes and encrypts the traces to be verified.
- The model owner possesses the Petri net and executes the homomorphic computation of replay steps.
- At no point does either party learn confidential information from the other; all communication is over ciphertext.
The system's architecture is visualized below.
Figure 2: Block diagram illustrating the approach and system architecture.
Matrix Representation of Token-Based Replay
Token-based replay is redefined using matrix-multiplication semantics. Petri nets are encoded via their incidence matrix N, while markings and sequences are represented as (possibly encrypted) vectors. Every step of the replay is realized as an update of the marking vector by
M′=M+N⋅σT
where σ encodes the (possibly silent) transition firing sequence required to effectuate a log event in the Petri net. The algorithm systematically handles silent (τ) transitions and both fitting and non-fitting traces, including token manipulation to accommodate discrepancies.
Secure Handling of Unfitting Traces
When a transition is not directly enabled in the current marking, the algorithm computes and inserts the necessary "missing" tokens homomorphically. Matrix P precomputes all preset patterns for model transitions, and the encrypted computation systematically augments the marking when discrepancies (conformance deviations) are detected.
Encrypted Fitness Metric Calculation
Fitness metrics are homomorphically computed, specifically the number of produced, consumed, missing, and remaining tokens (p, c, m, r) as per the classical token-based replay fitness definition. The algorithm employs multiset difference, min/max operations, and dynamic marking vector normalization, all executed over ciphertext to prevent information leakage.
Conditional-Avoidant Homomorphic Logic
Due to the non-determinism required for security in FHE settings, the approach avoids conditional branching. The algorithm leverages vectorized selectors, such as the indicator vector sel, and arithmetic-based control flows to select between multiple possible update scenarios without leaking trace-specific information through control flow.
Experimental Validation and Numerical Results
The prototype, implemented with Zama’s Concrete FHE Python library, was evaluated using synthetic logs and a pedagogical process model. Four experimental variants were constructed: cleartext/secure for both the simple replay and full fitness computation.
Strong numerical results are characterized by:
- End-to-end secure conformance checking, including replay and fitness computation, completed in under one minute (typically 7.8 to 37.4 seconds for traces of length 5 to 13).
- For the most involved computation—returning all token counts (p, M′=M+N⋅σT0, M′=M+N⋅σT1, M′=M+N⋅σT2)—the runtime increased substantially to between 35 and 84 minutes, attributed to the ciphertext expansion for higher-precision integer results in the FHE backend.
- All computations preserve strict privacy: neither the event log nor process model details are revealed outside their owning party, and all intermediate computation remains encrypted.
Implications and Future Directions
This work demonstrates the feasibility of secure, privacy-preserving conformance checking in contexts where business secrets or regulatory requirements preclude direct log or model sharing. The approach is practically relevant for inter-organizational auditing, privacy-sensitive supply chains, and benchmarking where disclosure is unacceptable. The full vectorized and conditional-agnostic design ensures compatibility with modern FHE toolkits and paves the way for integration with secure multi-party computation (MPC) methods.
Notably, performance remains a limiting factor, especially for full token count computation with wider integer ranges. Further work is necessary to optimize ciphertext size management, perhaps by adopting ciphertext packing, domain-specific encoding, or alternative bootstrapping techniques. Adopting lightweight token-counting approximations or incremental aggregation outside the encrypted domain could provide additional efficiency. Extending evaluation to realistic, large-scale logs and multi-party infrastructures will be required for adoption in enterprise scenarios.
Conclusion
A novel secure conformance checking protocol for Petri net-based process models is introduced, built on homomorphic encryption and a matrix-driven, vectorized form of token-based replay. The system provides robust privacy guarantees and demonstrates feasible, though not yet competitive, runtime performance under FHE. This approach lays the foundation for broader adoption of privacy-preserving process mining, particularly in sectors requiring compliance with strict data protection requirements. Future research will address performance, real-world deployment, and resilience to additional inference attacks.