127 research outputs found
Machine Understandable Policies and GDPR Compliance Checking
The European General Data Protection Regulation (GDPR) calls for technical
and organizational measures to support its implementation. Towards this end,
the SPECIAL H2020 project aims to provide a set of tools that can be used by
data controllers and processors to automatically check if personal data
processing and sharing complies with the obligations set forth in the GDPR. The
primary contributions of the project include: (i) a policy language that can be
used to express consent, business policies, and regulatory obligations; and
(ii) two different approaches to automated compliance checking that can be used
to demonstrate that data processing performed by data controllers / processors
complies with consent provided by data subjects, and business processes comply
with regulatory obligations set forth in the GDPR
Big Data and Analytics in the Age of the GDPR
The new European General Data Protection Regulation places stringent restrictions on the processing of personally identifiable data. The GDPR does not only affect European companies, as the regulation applies to all the organizations that track or provide services to European citizens. Free exploratory data analysis is permitted only on anonymous data, at the cost of some legal risks.We argue that for the other kinds of personal data processing, the most flexible and safe legal basis is explicit consent. We illustrate the approach to consent management and compliance with the GDPR being developed by the European H2020 project SPECIAL, and highlight some related big data aspects
Real Time Reasoning in OWL2 for GDPR Compliance
This paper shows how knowledge representation and reasoning techniques can be
used to support organizations in complying with the GDPR, that is, the new
European data protection regulation. This work is carried out in a European
H2020 project called SPECIAL. Data usage policies, the consent of data
subjects, and selected fragments of the GDPR are encoded in a fragment of OWL2
called PL (policy language); compliance checking and policy validation are
reduced to subsumption checking and concept consistency checking. This work
proposes a satisfactory tradeoff between the expressiveness requirements on PL
posed by the GDPR, and the scalability requirements that arise from the use
cases provided by SPECIAL's industrial partners. Real-time compliance checking
is achieved by means of a specialized reasoner, called PLR, that leverages
knowledge compilation and structural subsumption techniques. The performance of
a prototype implementation of PLR is analyzed through systematic experiments,
and compared with the performance of other important reasoners. Moreover, we
show how PL and PLR can be extended to support richer ontologies, by means of
import-by-query techniques. PL and its integration with OWL2's profiles
constitute new tractable fragments of OWL2. We prove also some negative
results, concerning the intractability of unrestricted reasoning in PL, and the
limitations posed on ontology import
Privacy-aware Linked Widgets
The European General Data Protection Regulation (GDPR) brings
new challenges for companies, who must demonstrate that their
systems and business processes comply with usage constraints
specified by data subjects. However, due to the lack of standards,
tools, and best practices, many organizations struggle to adapt their
infrastructure and processes to ensure and demonstrate that all
data processing is in compliance with users' given consent. The
SPECIAL EU H2020 project has developed vocabularies that can
formally describe data subjects' given consent as well as methods
that use this description to automatically determine whether
processing of the data according to a given policy is compliant
with the given consent. Whereas this makes it possible to determine
whether processing was compliant or not, integration of the
approach into existing line of business applications and ex-ante
compliance checking remains an open challenge. In this short paper,
we demonstrate how the SPECIAL consent and compliance framework
can be integrated into Linked Widgets, a mashup platform, in
order to support privacy-aware ad-hoc integration of personal data.
The resulting environment makes it possible to create data integration
and processing workflows out of components that inherently
respect usage policies of the data that is being processed and are
able to demonstrate compliance. We provide an overview of the
necessary meta data and orchestration towards a privacy-aware
linked data mashup platform that automatically respects subjects'
given consents. The evaluation results show the potential of our
approach for ex-ante usage policy compliance checking within the
Linked Widgets Platforms and beyond
Data Privacy Vocabularies and Controls: Semantic Web for Transparency and Privacy
Managing Privacy and understanding the handling of personal data has turned into a fundamental right-at least for Europeans-since May 25th with the coming into force of the General Data Protection Regulation. Yet, whereas many different tools by different vendors promise companies to guarantee their compliance to GDPR in terms of consent management and keeping track of the personal data they handle in their processes, interoperability between such tools as well uniform user facing interfaces will be needed to enable true transparency, user-configurable and -manageable privacy policies and data portability (as also implicitly promised by GDPR). We argue that such interoperability can be enabled by agreed upon vocabularies and Linked Data
ISReal: An Open Platform for Semantic-Based 3D Simulations in the 3D Internet
Abstract. We present the first open and cross-disciplinary 3D Internet research platform, called ISReal, for intelligent 3D simulation of real-ities. Its core innovation is the comprehensively integrated application of semantic Web technologies, semantic services, intelligent agents, ver-ification and 3D graphics for this purpose. In this paper, we focus on the interplay between its components for semantic XML3D scene query processing and semantic 3D animation service handling, as well as the semantic-based perception and action planning with coupled semantic service composition by agent-controlled avatars in a virtual world. We demonstrate the use of the implemented platform for semantic-based 3D simulations in a small virtual world example with an intelligent user avatar and discuss results of the platform performance evaluation.
Semantic Web Enabled Software Engineering
Ontologies allow the capture and sharing of domain knowledge by formalizing information and making it machine understandable. As part of an information system,
ontologies can capture and carry the reasoning knowledge needed to fulfill different application goals. Although many ontologies have been developed over recent years, few
include such reasoning information. As a result, many ontologies are not used in real-life applications, do not get reused or only act as a taxonomy of a domain. This work is an investigation into the practical use of ontologies as a driving factor in the development of applications and the incorporation of Knowledge Engineering as a meaningful activity into modern agile software development. This thesis contributes a novel methodology that supports an incremental requirement analysis and an iterative formalization of ontology design through the use of ontology reasoning patterns. It also provides an application model for ontology-driven applications that can deal with nonontological data sources. A set of case studies with various application specific goals helps to elucidate whether ontologies are in fact suitable for more than simple knowledge formalization and sharing, and can act as the underlying structure for developing largescale information systems. Tasks from the area of bug-tracker quality mining and clone detection are evaluated for this purpose
- …