Real Time Reasoning in OWL2 for GDPR Compliance
P.A. Bonatti, L. Ioffredo, I. Petrova, L. Sauro, I. R. Siahaan
TL;DR
This paper presents a specialized reasoning system, PLR, for real-time compliance checking of GDPR policies encoded in a fragment of OWL2, balancing expressiveness and scalability for industrial applications.
Contribution
It introduces a new tractable fragment of OWL2 called PL, along with a reasoner PLR, enabling efficient real-time GDPR compliance verification in industrial contexts.
Findings
PLR achieves real-time performance in compliance checking
PL and PLR are extendable to support richer ontologies
The work identifies intractability limits of unrestricted reasoning in PL
Abstract
This paper shows how knowledge representation and reasoning techniques can be used to support organizations in complying with the GDPR, that is, the new European data protection regulation. This work is carried out in a European H2020 project called SPECIAL. Data usage policies, the consent of data subjects, and selected fragments of the GDPR are encoded in a fragment of OWL2 called PL (policy language); compliance checking and policy validation are reduced to subsumption checking and concept consistency checking. This work proposes a satisfactory tradeoff between the expressiveness requirements on PL posed by the GDPR, and the scalability requirements that arise from the use cases provided by SPECIAL's industrial partners. Real-time compliance checking is achieved by means of a specialized reasoner, called PLR, that leverages knowledge compilation and structural subsumption techniques.…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsAccess Control and Trust · Privacy-Preserving Technologies in Data · Cloud Data Security Solutions