Big data analytics related to consumer behavior, market analysis, opinions, and recommendations often deals with end users' derived and inferred data, along with the observed data. To ensure consumer data protection, rules defined by the European Union's General Data Protection Regulation (EU GDPR) must be adhered to by every organization using Personally Identifiable Information (PII) data for Big Data analysis. Similarly, the Payment Card Industry Data Security Standard (PCI DSS) has policy guidelines specifically for organizations handling consumers' payment card data. Both data regulation policies are currently available only in textual format and require significant manual effort to ensure compliance. We have developed an integrated, semantically rich Knowledge Graph (or Ontology) to represent the rules mandated by both PCI DSS and EU GDPR. In the Ontology, we have also identified the obligations defined in these regulations and related them to the corresponding Cloud Security Alliance (CSA) controls. We have validated this Knowledge Graph against the data policies of major vendors that deal with Big Data. This Knowledge Graph, which is available in the public domain, can be used by Big Data practitioners to automate data protection compliance in their organization.
To address data protection concerns, authorities and standards bodies worldwide have released a plethora of regulations, guidelines, and software controls to be applied to Cloud data. As a result, service providers maintaining their end users' private attributes have seen a surge in compliance requirements. Since most of these regulations are not available in a machine-processable format, adhering to them requires significant manual effort. Many of the laws have overlapping rules, but as they do not reference each other, providers must duplicate efforts to comply with each regulation. We have done a detailed study of all the data protection regulations that apply to Cloud data. We have developed an integrated, semantically rich knowledge graph that captures these various data compliance regulations. It includes the data threats and security controls that are needed to mitigate the risks. In this paper, we present this knowledge graph in detail, along with the system that we have developed to evaluate it. We have validated our knowledge graph against the privacy policies of various Cloud service providers like Amazon, Google, IBM, and Rackspace. This knowledge graph is available in the public domain and can be used by organizations to automate their compliance processes and set their enterprise Cloud security policies.
Mobile payments are on the rise, and as their popularity grows, providers must adhere to security regulations to ensure consumer confidence. There is currently no single regulation specific to mobile wallets, so existing banking transactions are used to secure mobile payment transactions. These financial regulations are large textual documents and require significant manual effort to comprehend and to ensure compliance. Thus, it is difficult for both consumers and providers to understand which specific rules in these regulations apply to their mobile wallet transactions. We have created an integrated knowledge representation of the four main banking regulations that apply to mobile payment: the Electronic Funds Transfer Act (EFTA), the Truth in Lending Act (TILA), the Gramm-Leach-Bliley Act (GLBA), and the Payment Card Industry Data Security Standards (PCI-DSS). In this paper, we present our framework in detail along with the qualitative and quantitative measures that were used to validate the design against the policies of six major vendors that deal with mobile payments. Our integrated mobile payment knowledge graph, which is available in the public domain, can be used by practitioners to automate mobile wallet transaction compliance in their organization.