A Semantic Approach for Automating Knowledge in Policies of Cyber Insurance Services

Thumbnail Image

Files

923.pdf (359.54 KB)

Links to Files

https://ieeexplore.ieee.org/document/8818417

Permanent Link

https://doi.org/10.1109/ICWS.2019.00018
 http://hdl.handle.net/11603/14978

Collections

UMBC Information Systems Department
UMBC Computer Science and Electrical Engineering Department
UMBC Faculty Collection
UMBC Student Collection

Author/Creator

Author/Creator ORCID

Date

2019-07-08

Type of Work

conference papers and proceedings preprints
Text

Department

Program

Citation of Original Publication

K. Joshi, K. Pande Joshi and S. Mittal, "A Semantic Approach for Automating Knowledge in Policies of Cyber Insurance Services," 2019 IEEE International Conference on Web Services (ICWS), Milan, Italy, 2019, pp. 33-40, doi: 10.1109/ICWS.2019.00018.

Rights

This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.
© 2019 IEEE.

Subjects

Cyber Insurance
Ontology
Knowledge Representation
Policies
UMBC Ebiquity Research Group

Abstract

With the rapid adoption of web services, the need to protect against various threats has become imperative for organizations operating in cyberspace. Organizations are increasingly opting to get financial cover in the event of losses due to a security incident. This helps them safeguard against the threat posed to third-party services that the organization uses. It is in the organization’s interest to understand the insurance requirements and procure all necessary direct and liability coverages. This helps transfer some risks to the insurance providers. However, cyber insurance policies often list details about coverages and exclusions using legalese that can be difficult to comprehend. Currently, it takes a significant manual effort to parse and extract knowledgeable rules from these lengthy and complicated policy documents. We have developed a semantically rich machine processable framework to automatically analyze cyber insurance policy and populate a knowledge graph that efficiently captures various inclusion and exclusion terms and rules embedded in the policy. In this paper, we describe this framework that has been built using technologies from AI, including Semantic Web, Modal/ Deontic Logic, and Natural Language Processing. We have validated our approach using industry standards proposed by the United States Federal Trade Commission (FTC) and applying it against publicly available policies of 7 cyber insurance vendors. Our system will enable cyber insurance seekers to automatically analyze various policy documents and make a well-informed decision by identifying its inclusions and exclusions.