Automating IoT Data Privacy Compliance by Integrating Knowledge Graphs With Large Language Models
Gespeichert in:
| Titel: | Automating IoT Data Privacy Compliance by Integrating Knowledge Graphs With Large Language Models |
|---|---|
| Autoren: | Kelvin U. Echenim, Karuna P. Joshi |
| Quelle: | IEEE Access, Vol 13, Pp 118438-118451 (2025) |
| Verlagsinformationen: | Institute of Electrical and Electronics Engineers (IEEE), 2025. |
| Publikationsjahr: | 2025 |
| Schlagwörter: | IoT, UMBC Cybersecurity Institute, Internet of Things, FOS: Law, Data privacy compliance, UMBC KNowlege, Analytics, Cognitive and Cloud Computing (KnACC) Lab, semantic interoperability, UMBC Ebiquity Researh Group, TK1-9971, regulatory compliance automation, Cognition, knowledge graphs, wearables, Privacy, Knowledge graphs, large language models, Electrical engineering. Electronics. Nuclear engineering, Large language models, Law, Data privacy, Accuracy, General Data Protection Regulation, UMBC Knowledge, Analytics, Cognitive and Cloud Computing (KnACC) lab, Regulation |
| Beschreibung: | Regulatory compliance is mandatory for Internet of Things (IoT) manufacturers, particularly under stringent frameworks such as the General Data Protection Regulation (GDPR), which governs the handling of personal data. We introduce a novel framework for automating IoT compliance verification by integrating a Large Language Model (LLM) with a domain-specific Knowledge Graph (KG). The framework achieves two primary objectives: 1) leveraging the LLM to interpret natural-language compliance queries, and 2) employing a KG populated with synthetic GDPR scenarios to provide structured, up-to-date regulatory guidance, modeling obligations, permissions, and prohibitions for both deontic (normative) and non-deontic (factual) queries, thus mitigating biases and hallucinations inherent in language models. Evaluated on 50 representative GDPR compliance queries, our approach achieves high semantic alignment (mean BERTScore F1 of 0.89), with expert reviewers rating approximately 84% of generated compliance advice as fully or mostly correct. This work offers IoT manufacturers a scalable, automated solution for data privacy compliance. |
| Publikationsart: | Article Other literature type |
| ISSN: | 2169-3536 |
| DOI: | 10.1109/access.2025.3586278 |
| DOI: | 10.13016/m2fpg0-kl4l |
| Zugangs-URL: | https://doaj.org/article/6e4966b153f144c3a6b322e1eb8bcabc |
| Rights: | CC BY |
| Dokumentencode: | edsair.doi.dedup.....17ba7444eaef1ac849eaca730e3f11c2 |
| Datenbank: | OpenAIRE |
Full Text Finder 
Nájsť tento článok vo Web of Science | Abstract: | Regulatory compliance is mandatory for Internet of Things (IoT) manufacturers, particularly under stringent frameworks such as the General Data Protection Regulation (GDPR), which governs the handling of personal data. We introduce a novel framework for automating IoT compliance verification by integrating a Large Language Model (LLM) with a domain-specific Knowledge Graph (KG). The framework achieves two primary objectives: 1) leveraging the LLM to interpret natural-language compliance queries, and 2) employing a KG populated with synthetic GDPR scenarios to provide structured, up-to-date regulatory guidance, modeling obligations, permissions, and prohibitions for both deontic (normative) and non-deontic (factual) queries, thus mitigating biases and hallucinations inherent in language models. Evaluated on 50 representative GDPR compliance queries, our approach achieves high semantic alignment (mean BERTScore F1 of 0.89), with expert reviewers rating approximately 84% of generated compliance advice as fully or mostly correct. This work offers IoT manufacturers a scalable, automated solution for data privacy compliance. |
|---|---|
| ISSN: | 21693536 |
| DOI: | 10.1109/access.2025.3586278 |