Semantically Rich Knowledge Graphs to Automate Cloud Data Security and Compliance

Karuna Joshi
IS Department

Friday, February 18, 2022
Remotely via WebEx:

Recording of Talk.


To address data protection concerns, authorities and standards bodies worldwide have released a plethora of regulations, guidelines, and software controls to be applied to cloud services data. As a result, service providers maintaining their end-users private attributes have seen a surge in compliance requirements. This becomes especially important in critical domains like healthcare and finance. As most of these cloud data regulations are not available in a machine-processable format, it requires significant manual effort to adhere to them. Often many of the laws have overlapping rules, but as they are not referencing each other, providers must duplicate efforts to comply with each regulation. Furthermore, providers often encrypt cloud data to meet regulatory requirements, but these records cannot be queried without the large overhead of decryption. As the volume of cloud-based services reaches big data levels, it is essential to be able to have searchable encrypted cloud data.

We have developed a semantically rich ontology or knowledge graph that captures knowledge embedded in various cloud data compliance regulations using techniques from AI, NLP, and text extraction. It includes data threats and security controls that are needed to mitigate the risks. We have also developed a novel approach that facilitates searchable encryption using attribute-based encryption (ABE) and multi-keyword search techniques. In this talk, I will present the results of this work, especially as applied to GDPR, PCI-DSS, and HIPAA regulations.


About the Speaker:

Dr. Karuna Pande Joshi is an associate professor of information systems at UMBC and UMBC director of the Center of Accelerated Real-Time Analytics (CARTA). She also directs the Knowledge Analytics Cognitive and Cloud (KnACC) Lab. Her research focus is in the areas of data science, cloud computing, data security and privacy, and healthcare IT systems. She has published over 70 papers and her research is supported by ONR, NSF, DoD, IBM, GE Research, and Cisco. She teaches courses in big data, database systems design, decision support systems, and software engineering. She received her MS and Ph.D. in computer science from UMBC, where she was twice awarded the IBM Ph.D. Fellowship, and her Bachelors in computer engineering from the University of Mumbai, India. Dr. Joshi also has extensive experience working in the industry, primarily as an IT program/project manager at the International Monetary Fund.


Alan T. Sherman,

Upcoming CDL Meetings:

Mar 4, Ted Selker
Mar 18, Nilanjan Banerjee (UMBC)
Apr 1, Kirellos Elsaad (UMBC)
Apr 15, Edward Zieglar (NSA)
Apr 29, Ian Blumenfeld (UMBC)
May 13, Enka Blanchard (Digitrust Loria, France)


Support for this event was provided in part by the National Science Foundation under SFS grant DGE-1753681.

The UMBC Cyber Defense Lab meets biweekly Fridays 12-1 pm. All meetings are open to the public.