This work addresses the challenge of verifying conformance between event logs and external process models in multi-party collaborations while preserving the confidentiality of sensitive log data. It introduces, for the first time, homomorphic encryption into the token-based replay algorithm to enable privacy-preserving compliance checking. By encrypting event logs homomorphically, the proposed method allows conformance verification against plaintext process models directly on ciphertext, eliminating the need to disclose original event data. Integrating token replay with secure multi-party computation, the approach demonstrates practical feasibility and effectiveness through experiments on synthetic logs, offering a novel paradigm for conducting process compliance analysis in privacy-sensitive environments.

Conformance checking, one of the main process mining operations, aims to identify discrepancies between a process model and an event log. The model represents the expected behaviour, whereas the event log represents the actual process behaviour as captured in information systems' records. Traditionally, the process model and the event log are both accessible to the business analyst performing the conformance checking. However, in some contexts the log's owner may want to protect critical or sensitive information in the log and still check its conformance with respect to a model belonging to another party. In this paper, we propose a secure approach to conformance checking based on the well-known token-based replay algorithm and homomorphic encryption. An evaluation is performed using a synthetic log, showing the practicality of the proposed technique.