CRII: SaTC: Automated Knowledge Representation for IoT Cybersecurity Regulations
Texas A&M University - Central Texas, Killeen TX
Investigators
Abstract
Regulatory authorities worldwide are developing cybersecurity standards for security and data protection regulations to protect users' information. To protect the privacy and security of data that passes through the Internet of Things (IoT), vendors must adhere to the many cybersecurity IoT standards and regulations. Due to the growing number of smart devices in many domains, sensitive data is a significant consideration for cybersecurity. All the authority documents for the cybersecurity of IoT devices have complex rules and guidelines. Companies often need assistance understanding and listing the relevant regulations in privacy policies. This project focuses on only USA cybersecurity IoT laws, Data Protection Regulations, and National Institute of Standards and Technology (NIST) standards. The project develops a novel technique to extract knowledge from a vast database of IoT laws and create semantically rich ontology mappings for storing the extracted knowledge from regulatory IoT Cybersecurity Compliance and privacy policies to quickly crosscheck and update the applicable rules in privacy policy documents using suitable concepts from Semantic Web technologies. The ontologies will have rules from authority documents like relevant laws, NIST standards, and regulations. Additionally, the project provides a medium by publishing knowledge graphs for IoT manufacturers and users to know which standards or regulations a company follows and those that are missing without reading the privacy policy or IoT authority documents. Furthermore, the project approach will enable organizations to quickly query the knowledge graphs using SPARQL Protocol and RDF Query Language (SPARQL) and correct their policy documents. Overall, with this novel research, without human intervention, checking for IoT cybersecurity compliance can happen quickly, and results are sufficiently structured to check for any applicable authority rules and abide by them. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.
View original record on NSF Award Search →