An Integrated Knowledge Graph to Automate GDPR and PCI DSS Compliance

dc.contributor.authorElluri, Lavanya
dc.contributor.authorNagar, Ankur
dc.contributor.authorJoshi, Karuna Pande
dc.date.accessioned2018-11-26T19:17:30Z
dc.date.available2018-11-26T19:17:30Z
dc.date.issued2018-12-11
dc.descriptionProceedings of the 2018 IEEE International Conference on Big Data, Seattleen_US
dc.description.abstractBig data analytics related to consumer behavior, market analysis, opinions, and recommendation often deal with end user's derived and inferred data, along with the observed data. To ensure consumer data protection, rules defined by the European Union’s General Data Protection Regulation (EU GDPR) must be adhered to by every organization using Personally Identifiable Information (PII) data for Big Data analysis. Similarly, Payment Card Industry Data Security Standard (PCI DSS) has policy guidelines specifically for organizations handling consumer’s payment card data. Both data regulation policies are currently available only in textual format and require significant manual effort to ensure their compliance. We have developed an integrated, semantically rich Knowledge Graph (or Ontology) to represent the rules mandated by both PCI DSS and EU GDPR. In the Ontology, we have also identified the obligations defined in these regulations and related them with corresponding Cloud Security Alliance (CSA) controls. We have validated this Knowledge Graph against the data policies of major vendors that deal with Big Data. This Knowledge Graph that is available in the public domain can be used by Big Data practitioners to automate data protection compliance in their organization.en_US
dc.description.urihttps://ieeexplore.ieee.org/document/8622236en_US
dc.format.extent6 pagesen_US
dc.genreconference papers and proceedings preprintsen_US
dc.identifierdoi:10.13016/M2JQ0T00S
dc.identifier.citationL. Elluri, A. Nagar and K. P. Joshi, "An Integrated Knowledge Graph to Automate GDPR and PCI DSS Compliance," 2018 IEEE International Conference on Big Data (Big Data), Seattle, WA, USA, 2018, pp. 1266-1271, doi: 10.1109/BigData.2018.8622236.en_US
dc.identifier.urihttp://hdl.handle.net/11603/12095
dc.identifier.uri10.1109/BigData.2018.8622236
dc.language.isoen_USen_US
dc.publisherIEEEen_US
dc.relation.isAvailableAtThe University of Maryland, Baltimore County (UMBC)
dc.relation.ispartofUMBC Information Systems Department Collection
dc.relation.ispartofUMBC Faculty Collection
dc.relation.ispartofUMBC Student Collection
dc.rightsThis item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author.
dc.rights© 2018 IEEE
dc.subjectData Protectionen_US
dc.subjectOntologyen_US
dc.subjectGeneral Data Protection Regulationen_US
dc.subjectOrganizationsen_US
dc.subjectUMBC Ebiquity Research Groupen_US
dc.titleAn Integrated Knowledge Graph to Automate GDPR and PCI DSS Complianceen_US
dc.typeTexten_US

Files

Original bundle

Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
907.pd.pdf
Size:
727.19 KB
Format:
Adobe Portable Document Format
Description:

License bundle

Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
2.56 KB
Format:
Item-specific license agreed upon to submission
Description: