This work addresses the challenge of performing compliance checking while preserving data privacy, as both process models and event logs often contain sensitive information. It proposes a novel secure compliance-checking approach that integrates homomorphic encryption with alignment mechanisms to enable mutual privacy protection: neither the model owner nor the log owner can access the other’s data. By combining string-processing algorithms with alignment techniques, the method demonstrates feasibility on both synthetic and real-world event logs. Although it incurs substantial computational and memory overhead, the approach successfully achieves fully private compliance verification, establishing a new paradigm for privacy-sensitive process compliance analysis.

Conformance checking, one of the main process mining operations, aims to identify discrepancies between a process model and an event log. The model represents the expected behaviour, whereas the event log represents the actual process behaviour as captured in information systems records. Traditionally, the process model and the event log are both accessible to the business analyst performing the conformance checking. However, in some contexts, it is necessary to keep either the model or the log private to protect critical or sensitive information. In this paper, we propose a secure approach to conformance checking based on string processing algorithms and homomorphic encryption, where the process model and event log ar not visible to either the model's or event log's owner. The proposed technique is based on alignments, a well-known formalism used for conformance checking. An evaluation is performed using a synthetic and a real-world event log, showing that conformance checking can be securely computed at the expense of high memory and processing requirements.