Knowledge Graphs to Automate Cloud Data Security Compliance
Research talk by Prof. Karuna Joshi
Friday, February 18, 2022 · 12 - 1 PM
UMBC Cyber Defense Lab presents
Semantically Rich Knowledge Graphs
to Automate Cloud Data Security and
Compliance
Prof. Karuna Joshi
Information Systems, UMBC
12-1pm ET, Friday, 18 Feb. 2022
Remotely via WebEx
To address data protection concerns, authorities and standards bodies worldwide have released a plethora of regulations, guidelines, and software controls to be applied to cloud services data. As a result, service providers maintaining their end-users private attributes have seen a surge in compliance requirements. This becomes especially important in critical domains like healthcare and finance. As most of these cloud data regulations are not available in a machine-processable format, it requires significant manual effort to adhere to them. Often many of the laws have overlapping rules, but as they are not referencing each other, providers must duplicate efforts to comply with each regulation. Furthermore, providers often encrypt cloud data to meet regulatory requirements, but these records cannot be queried without the large overhead of decryption. As the volume of cloud-based services reaches big data levels, it is essential to be able to have searchable encrypted cloud data.
We have developed a semantically rich ontology or knowledge graph that captures knowledge embedded in various cloud data compliance regulations using techniques from AI, NLP, and text extraction. It includes data threats and security controls that are needed to mitigate the risks. We have also developed a novel approach that facilitates searchable encryption using attribute-based encryption (ABE) and multi-keyword search techniques. In this talk, I will present the results of this work, especially as applied to GDPR, PCI-DSS, and HIPAA regulations.
Dr. Karuna Pande Joshi is an associate professor of information systems at UMBC and UMBC director of the Center of Accelerated Real Time Analytics (CARTA). She also directs the Knowledge Analytics Cognitive and Cloud (KnACC) Lab. Her research focus is in the areas of data science, cloud computing, data security and privacy, and healthcare IT systems. She has published over 70 papers and her research is supported by ONR, NSF, DoD, IBM, GE Research, and Cisco. She teaches courses in big data, database systems design, decision support systems and software engineering. She received her MS and PhD in computer science from UMBC, where she was twice awarded the IBM PhD Fellowship, and her Bachelors in computer engineering from the University of Mumbai, India. Dr. Joshi also has extensive experience working in industry, primarily as an IT program/project manager at the International Monetary Fund.
Host: Alan T. Sherman, sherman@umbc.edu. Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681. The UMBC Cyber Defense Lab meets biweekly Fridays 12-1pm. All meetings are open to the public. Upcoming CDL meetings: Mar 4, Mar 18, Apr 1 Kirellos Elsaad (UMBC), Apr 15, Apr 29 Ian Blumenfeld (UMBC), May 13 Enka Blanchard (Digitrust Loria, France)