Academic Journal
Προβολή σε EDS

Automating IoT Data Privacy Compliance by Integrating Knowledge Graphs With Large Language Models

Λεπτομέρειες βιβλιογραφικής εγγραφής
Τίτλος: Automating IoT Data Privacy Compliance by Integrating Knowledge Graphs With Large Language Models
Συγγραφείς: Kelvin U. Echenim, Karuna P. Joshi
Πηγή: IEEE Access, Vol 13, Pp 118438-118451 (2025)
Στοιχεία εκδότη: Institute of Electrical and Electronics Engineers (IEEE), 2025.
Έτος έκδοσης: 2025
Θεματικοί όροι: IoT, UMBC Cybersecurity Institute, Internet of Things, FOS: Law, Data privacy compliance, UMBC KNowlege, Analytics, Cognitive and Cloud Computing (KnACC) Lab, semantic interoperability, UMBC Ebiquity Researh Group, TK1-9971, regulatory compliance automation, Cognition, knowledge graphs, wearables, Privacy, Knowledge graphs, large language models, Electrical engineering. Electronics. Nuclear engineering, Large language models, Law, Data privacy, Accuracy, General Data Protection Regulation, UMBC Knowledge, Analytics, Cognitive and Cloud Computing (KnACC) lab, Regulation
Περιγραφή: Regulatory compliance is mandatory for Internet of Things (IoT) manufacturers, particularly under stringent frameworks such as the General Data Protection Regulation (GDPR), which governs the handling of personal data. We introduce a novel framework for automating IoT compliance verification by integrating a Large Language Model (LLM) with a domain-specific Knowledge Graph (KG). The framework achieves two primary objectives: 1) leveraging the LLM to interpret natural-language compliance queries, and 2) employing a KG populated with synthetic GDPR scenarios to provide structured, up-to-date regulatory guidance, modeling obligations, permissions, and prohibitions for both deontic (normative) and non-deontic (factual) queries, thus mitigating biases and hallucinations inherent in language models. Evaluated on 50 representative GDPR compliance queries, our approach achieves high semantic alignment (mean BERTScore F1 of 0.89), with expert reviewers rating approximately 84% of generated compliance advice as fully or mostly correct. This work offers IoT manufacturers a scalable, automated solution for data privacy compliance.
Τύπος εγγράφου: Article
Other literature type
ISSN: 2169-3536
DOI: 10.1109/access.2025.3586278
DOI: 10.13016/m2fpg0-kl4l
Σύνδεσμος πρόσβασης: https://doaj.org/article/6e4966b153f144c3a6b322e1eb8bcabc
Rights: CC BY
Αριθμός Καταχώρησης: edsair.doi.dedup.....17ba7444eaef1ac849eaca730e3f11c2
Βάση Δεδομένων: OpenAIRE
FullText Text:
  Availability: 0
CustomLinks:
  – Url: https://explore.openaire.eu/search/publication?articleId=doi_dedup___%3A%3A17ba7444eaef1ac849eaca730e3f11c2
    Name: EDS - OpenAIRE (ns324271)
    Category: fullText
    Text: View record at OpenAIRE
  – Url: https://resolver.ebsco.com/c/fiv2js/result?sid=EBSCO:edsair&genre=article&issn=21693536&ISBN=&volume=13&issue=&date=20250101&spage=118438&pages=118438-118451&title=IEEE Access&atitle=Automating%20IoT%20Data%20Privacy%20Compliance%20by%20Integrating%20Knowledge%20Graphs%20With%20Large%20Language%20Models&aulast=Kelvin%20U.%20Echenim&id=DOI:10.1109/access.2025.3586278
    Name: Full Text Finder (for New FTF UI) (ns324271)
    Category: fullText
    Text: Full Text Finder
    MouseOverText: Full Text Finder
Header DbId: edsair
DbLabel: OpenAIRE
An: edsair.doi.dedup.....17ba7444eaef1ac849eaca730e3f11c2
RelevancyScore: 1015
AccessLevel: 3
PubType: Academic Journal
PubTypeId: academicJournal
PreciseRelevancyScore: 1014.736328125
IllustrationInfo
Items – Name: Title
  Label: Title
  Group: Ti
  Data: Automating IoT Data Privacy Compliance by Integrating Knowledge Graphs With Large Language Models
– Name: Author
  Label: Authors
  Group: Au
  Data: <searchLink fieldCode="AR" term="%22Kelvin+U%2E+Echenim%22">Kelvin U. Echenim</searchLink><br /><searchLink fieldCode="AR" term="%22Karuna+P%2E+Joshi%22">Karuna P. Joshi</searchLink>
– Name: TitleSource
  Label: Source
  Group: Src
  Data: IEEE Access, Vol 13, Pp 118438-118451 (2025)
– Name: Publisher
  Label: Publisher Information
  Group: PubInfo
  Data: Institute of Electrical and Electronics Engineers (IEEE), 2025.
– Name: DatePubCY
  Label: Publication Year
  Group: Date
  Data: 2025
– Name: Subject
  Label: Subject Terms
  Group: Su
  Data: <searchLink fieldCode="DE" term="%22IoT%22">IoT</searchLink><br /><searchLink fieldCode="DE" term="%22UMBC+Cybersecurity+Institute%22">UMBC Cybersecurity Institute</searchLink><br /><searchLink fieldCode="DE" term="%22Internet+of+Things%22">Internet of Things</searchLink><br /><searchLink fieldCode="DE" term="%22FOS%3A+Law%22">FOS: Law</searchLink><br /><searchLink fieldCode="DE" term="%22Data+privacy+compliance%22">Data privacy compliance</searchLink><br /><searchLink fieldCode="DE" term="%22UMBC+KNowlege%2C+Analytics%2C+Cognitive+and+Cloud+Computing+%28KnACC%29+Lab%22">UMBC KNowlege, Analytics, Cognitive and Cloud Computing (KnACC) Lab</searchLink><br /><searchLink fieldCode="DE" term="%22semantic+interoperability%22">semantic interoperability</searchLink><br /><searchLink fieldCode="DE" term="%22UMBC+Ebiquity+Researh+Group%22">UMBC Ebiquity Researh Group</searchLink><br /><searchLink fieldCode="DE" term="%22TK1-9971%22">TK1-9971</searchLink><br /><searchLink fieldCode="DE" term="%22regulatory+compliance+automation%22">regulatory compliance automation</searchLink><br /><searchLink fieldCode="DE" term="%22Cognition%22">Cognition</searchLink><br /><searchLink fieldCode="DE" term="%22knowledge+graphs%22">knowledge graphs</searchLink><br /><searchLink fieldCode="DE" term="%22wearables%22">wearables</searchLink><br /><searchLink fieldCode="DE" term="%22Privacy%22">Privacy</searchLink><br /><searchLink fieldCode="DE" term="%22Knowledge+graphs%22">Knowledge graphs</searchLink><br /><searchLink fieldCode="DE" term="%22large+language+models%22">large language models</searchLink><br /><searchLink fieldCode="DE" term="%22Electrical+engineering%2E+Electronics%2E+Nuclear+engineering%22">Electrical engineering. Electronics. Nuclear engineering</searchLink><br /><searchLink fieldCode="DE" term="%22Large+language+models%22">Large language models</searchLink><br /><searchLink fieldCode="DE" term="%22Law%22">Law</searchLink><br /><searchLink fieldCode="DE" term="%22Data+privacy%22">Data privacy</searchLink><br /><searchLink fieldCode="DE" term="%22Accuracy%22">Accuracy</searchLink><br /><searchLink fieldCode="DE" term="%22General+Data+Protection+Regulation%22">General Data Protection Regulation</searchLink><br /><searchLink fieldCode="DE" term="%22UMBC+Knowledge%2C+Analytics%2C+Cognitive+and+Cloud+Computing+%28KnACC%29+lab%22">UMBC Knowledge, Analytics, Cognitive and Cloud Computing (KnACC) lab</searchLink><br /><searchLink fieldCode="DE" term="%22Regulation%22">Regulation</searchLink>
– Name: Abstract
  Label: Description
  Group: Ab
  Data: Regulatory compliance is mandatory for Internet of Things (IoT) manufacturers, particularly under stringent frameworks such as the General Data Protection Regulation (GDPR), which governs the handling of personal data. We introduce a novel framework for automating IoT compliance verification by integrating a Large Language Model (LLM) with a domain-specific Knowledge Graph (KG). The framework achieves two primary objectives: 1) leveraging the LLM to interpret natural-language compliance queries, and 2) employing a KG populated with synthetic GDPR scenarios to provide structured, up-to-date regulatory guidance, modeling obligations, permissions, and prohibitions for both deontic (normative) and non-deontic (factual) queries, thus mitigating biases and hallucinations inherent in language models. Evaluated on 50 representative GDPR compliance queries, our approach achieves high semantic alignment (mean BERTScore F1 of 0.89), with expert reviewers rating approximately 84% of generated compliance advice as fully or mostly correct. This work offers IoT manufacturers a scalable, automated solution for data privacy compliance.
– Name: TypeDocument
  Label: Document Type
  Group: TypDoc
  Data: Article<br />Other literature type
– Name: ISSN
  Label: ISSN
  Group: ISSN
  Data: 2169-3536
– Name: DOI
  Label: DOI
  Group: ID
  Data: 10.1109/access.2025.3586278
– Name: DOI
  Label: DOI
  Group: ID
  Data: 10.13016/m2fpg0-kl4l
– Name: URL
  Label: Access URL
  Group: URL
  Data: <link linkTarget="URL" linkTerm="https://doaj.org/article/6e4966b153f144c3a6b322e1eb8bcabc" linkWindow="_blank">https://doaj.org/article/6e4966b153f144c3a6b322e1eb8bcabc</link>
– Name: Copyright
  Label: Rights
  Group: Cpyrght
  Data: CC BY
– Name: AN
  Label: Accession Number
  Group: ID
  Data: edsair.doi.dedup.....17ba7444eaef1ac849eaca730e3f11c2
PLink https://search.ebscohost.com/login.aspx?direct=true&site=eds-live&db=edsair&AN=edsair.doi.dedup.....17ba7444eaef1ac849eaca730e3f11c2
RecordInfo BibRecord:
  BibEntity:
    Identifiers:
      – Type: doi
        Value: 10.1109/access.2025.3586278
    Languages:
      – Text: Undetermined
    PhysicalDescription:
      Pagination:
        PageCount: 14
        StartPage: 118438
    Subjects:
      – SubjectFull: IoT
        Type: general
      – SubjectFull: UMBC Cybersecurity Institute
        Type: general
      – SubjectFull: Internet of Things
        Type: general
      – SubjectFull: FOS: Law
        Type: general
      – SubjectFull: Data privacy compliance
        Type: general
      – SubjectFull: UMBC KNowlege, Analytics, Cognitive and Cloud Computing (KnACC) Lab
        Type: general
      – SubjectFull: semantic interoperability
        Type: general
      – SubjectFull: UMBC Ebiquity Researh Group
        Type: general
      – SubjectFull: TK1-9971
        Type: general
      – SubjectFull: regulatory compliance automation
        Type: general
      – SubjectFull: Cognition
        Type: general
      – SubjectFull: knowledge graphs
        Type: general
      – SubjectFull: wearables
        Type: general
      – SubjectFull: Privacy
        Type: general
      – SubjectFull: Knowledge graphs
        Type: general
      – SubjectFull: large language models
        Type: general
      – SubjectFull: Electrical engineering. Electronics. Nuclear engineering
        Type: general
      – SubjectFull: Large language models
        Type: general
      – SubjectFull: Law
        Type: general
      – SubjectFull: Data privacy
        Type: general
      – SubjectFull: Accuracy
        Type: general
      – SubjectFull: General Data Protection Regulation
        Type: general
      – SubjectFull: UMBC Knowledge, Analytics, Cognitive and Cloud Computing (KnACC) lab
        Type: general
      – SubjectFull: Regulation
        Type: general
    Titles:
      – TitleFull: Automating IoT Data Privacy Compliance by Integrating Knowledge Graphs With Large Language Models
        Type: main
  BibRelationships:
    HasContributorRelationships:
      – PersonEntity:
          Name:
            NameFull: Kelvin U. Echenim
      – PersonEntity:
          Name:
            NameFull: Karuna P. Joshi
    IsPartOfRelationships:
      – BibEntity:
          Dates:
            – D: 01
              M: 01
              Type: published
              Y: 2025
          Identifiers:
            – Type: issn-print
              Value: 21693536
            – Type: issn-locals
              Value: edsair
            – Type: issn-locals
              Value: edsairFT
          Numbering:
            – Type: volume
              Value: 13
          Titles:
            – TitleFull: IEEE Access
              Type: main
ResultId 1