Automating IoT Data Privacy Compliance by Integrating Knowledge Graphs With Large Language Models

Simple item page
dc.contributor.authorEchenim, Kelvin
dc.contributor.authorJoshi, Karuna
dc.date.accessioned2025-07-30T19:22:08Z
dc.date.issued2025-07-07
dc.description.abstractRegulatory compliance is mandatory for Internet of Things (IoT) manufacturers, particularly under stringent frameworks such as the General Data Protection Regulation (GDPR), which governs the handling of personal data. We introduce a novel framework for automating IoT compliance verification by integrating a Large Language Model (LLM) with a domain-specific Knowledge Graph (KG). The framework achieves two primary objectives: 1) leveraging the LLM to interpret natural-language compliance queries, and 2) employing a KG populated with synthetic GDPR scenarios to provide structured, up-to-date regulatory guidance, modeling obligations, permissions, and prohibitions for both deontic (normative) and non-deontic (factual) queries, thus mitigating biases and hallucinations inherent in language models. Evaluated on 50 representative GDPR compliance queries, our approach achieves high semantic alignment (mean BERTScore F1 of 0.89), with expert reviewers rating approximately 84% of generated compliance advice as fully or mostly correct. This work offers IoT manufacturers a scalable, automated solution for data privacy compliance.
dc.description.sponsorshipThis work was supported by National Science Foundation (NSF) Award 2310844 titled Phase II IUCRC University of Maryland, Baltimore County (UMBC): Center for Accelerated Real-time Analytics (CARTA)
dc.description.urihttps://ieeexplore.ieee.org/document/11072168
dc.format.extent14 pages
dc.genrejournal articles
dc.identifierdoi:10.13016/m2fpg0-kl4l
dc.identifier.citationEchenim, Kelvin U., and Karuna P. Joshi. “Automating IoT Data Privacy Compliance by Integrating Knowledge Graphs With Large Language Models.” IEEE Access 13 (July 7, 2025): 118438–51. https://doi.org/10.1109/ACCESS.2025.3586278.
dc.identifier.urihttps://doi.org/10.1109/ACCESS.2025.3586278
dc.identifier.urihttp://hdl.handle.net/11603/39490
dc.language.isoen_US
dc.publisherIEEE
dc.relation.isAvailableAtThe University of Maryland, Baltimore County (UMBC)
dc.relation.ispartofUMBC Faculty Collection
dc.relation.ispartofUMBC Computer Science and Electrical Engineering Department
dc.relation.ispartofUMBC Information Systems Department
dc.relation.ispartofUMBC Student Collection
dc.rightsAttribution 4.0 International
dc.rights.urihttps://creativecommons.org/licenses/by/4.0/
dc.subjectLaw
dc.subjectregulatory compliance automation
dc.subjectGeneral Data Protection Regulation
dc.subjectCognition
dc.subjectsemantic interoperability
dc.subjectlarge language models
dc.subjectKnowledge graphs
dc.subjectIoT
dc.subjectData privacy compliance
dc.subjectUMBC Ebiquity Researh Group
dc.subjectUMBC Knowledge, Analytics, Cognitive and Cloud Computing (KnACC) lab
dc.subjectUMBC Cybersecurity Institute
dc.subjectLarge language models
dc.subjectPrivacy
dc.subjectknowledge graphs
dc.subjectwearables
dc.subjectRegulation
dc.subjectInternet of Things
dc.subjectData privacy
dc.subjectAccuracy
dc.subjectUMBC KNowlege, Analytics, Cognitive and Cloud Computing (KnACC) Lab
dc.titleAutomating IoT Data Privacy Compliance by Integrating Knowledge Graphs With Large Language Models
dc.typeText
dcterms.creatorhttps://orcid.org/0009-0006-8930-2612
dcterms.creatorhttps://orcid.org/0000-0002-6354-1686

Files

Original bundle

Now showing 1 - 1 of 1
Thumbnail Image
Name:
Automating_IoT_Data_Privacy_Compliance_by_Integrating_Knowledge_Graphs_With_Large_Language_Models.pdf
Size:
1.52 MB
Format:
Adobe Portable Document Format
Download

Collections

UMBC Faculty Collection
UMBC Computer Science and Electrical Engineering Department
UMBC Information Systems Department
UMBC Student Collection