An Integrated Knowledge Graph to Automate GDPR and PCI DSS Compliance
dc.contributor.author | Elluri, Lavanya | |
dc.contributor.author | Nagar, Ankur | |
dc.contributor.author | Joshi, Karuna Pande | |
dc.date.accessioned | 2018-11-26T19:17:30Z | |
dc.date.available | 2018-11-26T19:17:30Z | |
dc.date.issued | 2018-12-11 | |
dc.description | Proceedings of the 2018 IEEE International Conference on Big Data, Seattle | en_US |
dc.description.abstract | Big data analytics related to consumer behavior, market analysis, opinions, and recommendation often deal with end user's derived and inferred data, along with the observed data. To ensure consumer data protection, rules defined by the European Union’s General Data Protection Regulation (EU GDPR) must be adhered to by every organization using Personally Identifiable Information (PII) data for Big Data analysis. Similarly, Payment Card Industry Data Security Standard (PCI DSS) has policy guidelines specifically for organizations handling consumer’s payment card data. Both data regulation policies are currently available only in textual format and require significant manual effort to ensure their compliance. We have developed an integrated, semantically rich Knowledge Graph (or Ontology) to represent the rules mandated by both PCI DSS and EU GDPR. In the Ontology, we have also identified the obligations defined in these regulations and related them with corresponding Cloud Security Alliance (CSA) controls. We have validated this Knowledge Graph against the data policies of major vendors that deal with Big Data. This Knowledge Graph that is available in the public domain can be used by Big Data practitioners to automate data protection compliance in their organization. | en_US |
dc.description.uri | https://ieeexplore.ieee.org/document/8622236 | en_US |
dc.format.extent | 6 pages | en_US |
dc.genre | conference papers and proceedings preprints | en_US |
dc.identifier | doi:10.13016/M2JQ0T00S | |
dc.identifier.citation | L. Elluri, A. Nagar and K. P. Joshi, "An Integrated Knowledge Graph to Automate GDPR and PCI DSS Compliance," 2018 IEEE International Conference on Big Data (Big Data), Seattle, WA, USA, 2018, pp. 1266-1271, doi: 10.1109/BigData.2018.8622236. | en_US |
dc.identifier.uri | http://hdl.handle.net/11603/12095 | |
dc.identifier.uri | 10.1109/BigData.2018.8622236 | |
dc.language.iso | en_US | en_US |
dc.publisher | IEEE | en_US |
dc.relation.isAvailableAt | The University of Maryland, Baltimore County (UMBC) | |
dc.relation.ispartof | UMBC Information Systems Department Collection | |
dc.relation.ispartof | UMBC Faculty Collection | |
dc.relation.ispartof | UMBC Student Collection | |
dc.rights | This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author. | |
dc.rights | © 2018 IEEE | |
dc.subject | Data Protection | en_US |
dc.subject | Ontology | en_US |
dc.subject | General Data Protection Regulation | en_US |
dc.subject | Organizations | en_US |
dc.subject | UMBC Ebiquity Research Group | en_US |
dc.title | An Integrated Knowledge Graph to Automate GDPR and PCI DSS Compliance | en_US |
dc.type | Text | en_US |