Natural Language Processing of Rules and Regulations for Compliance in the Cloud

by Nick Papanikolaou
Abstract:
We discuss ongoing work on developing tools and techniques for under- standing natural-language descriptions of security and privacy rules, particularly in the context of cloud computing services. In particular, we present a three-part toolkit for analyzing and processing texts, and enforcing privacy and security rules extracted from those texts. We are interested in developing efficient, accurate technologies to reduce the time spent analyzing and reasoning about new privacy laws and security rules within the enterprise. We describe the tools we have developed for semantic annotation, and also for information extraction – these are specifically intended for analysis of cloud terms of service, and therefore designed to help with self- compliance; however, the techniques involved should be generalizable to other rele- vant texts, esp. rules and regulations for data protection.
Reference:
Natural Language Processing of Rules and Regulations for Compliance in the Cloud (Nick Papanikolaou), In Proceedings of DOA-SVI 2012, 2012.
Bibtex Entry:
@INPROCEEDINGS{Papanikolaou2012e,
  author = {Nick Papanikolaou},
  title = {Natural Language Processing of Rules and Regulations for Compliance
	in the Cloud},
  booktitle = {Proceedings of DOA-SVI 2012},
  year = {2012},
  address = {Rome, Italy},
  month = {10 September 2012},
  abstract = {We discuss ongoing work on developing tools and techniques for under-
	standing natural-language descriptions of security and privacy rules,
	particularly in the context of cloud computing services. In particular,
	we present a three-part toolkit for analyzing and processing texts,
	and enforcing privacy and security rules extracted from those texts.
	We are interested in developing efficient, accurate technologies
	to reduce the time spent analyzing and reasoning about new privacy
	laws and security rules within the enterprise. We describe the tools
	we have developed for semantic annotation, and also for information
	extraction - these are specifically intended for analysis of cloud
	terms of service, and therefore designed to help with self- compliance;
	however, the techniques involved should be generalizable to other
	rele- vant texts, esp. rules and regulations for data protection.},
  owner = {papaniko},
  timestamp = {2012.05.24},
  url = {../files/DOASVI2012.pdf}
}