Skip to content

Policy-based Automated Compliance Checking

Under the GDPR requirements and privacy-by-design guidelines, access control for personal data should not be limited to a simple role-based scenario. For the processing to be compliant, additional attributes, such as the purpose of processing or legal basis, should be verified against an established data processing agreement or policy.
In this paper, we propose an automated policy-based compliance checking model and implement it using SHACL. We provide the preliminary performance evaluation results and offer optimizations. We also define the procedure for handling conflicts in policies, resulting from the natural language description of the compliance rules. Our method combines a data model with compliance checking within the Semantic Web framework, generating what we call an operational model and promoting interoperability.

Anas Al Bassit, Katsiaryna Krasnashchok, Sabri Skhiri, Majd Mustapha, Policy-based Automated Compliance Checking, In Proc. of the 5th International Joint Conference on Rules and Reasoning, 2021.

The final paper will be published after the conference.

Releated Posts

Augment to Interpret: Unsupervised and Inherently Interpretable Graph Embeddings

In this paper, we study graph representation learning and show that data augmentation that preserves semantics can be learned and used to produce interpretations. Our framework, which we named INGENIOUS, creates inherently interpretable embeddings and eliminates the need for costly additional post-hoc analysis.
Read More

SANGEA: Scalable and Attributed Network Generation

In this paper, we present SANGEA, a sizeable synthetic graph generation framework that extends the applicability of any SGG to large graphs. By first splitting the large graph into communities, SANGEA trains one SGG per community, then links the community graphs back together to create a synthetic large graph.
Read More