proposal for BPR4GDPR ontologies presentation to the group from Georgios V. Lioudakis on 2020-09-11 (public-dpvcg@w3.org from September 2020)

From: Georgios V. Lioudakis <gelioud@ieee.org>
Date: Fri, 11 Sep 2020 18:47:22 +0300
To: Data Privacy Vocabularies and Controls Community Group <public-dpvcg@w3.org>
Message-ID: <eab7ed0a-5dd4-3746-e639-6a397674e98c@ieee.org>

Hi all,

As discussed during the last telco, the H2020 BPR4GDPR project shares 
some similar goals with the DPVCG, since a cornerstone of the project 
work has been the development of ontologies devised for privacy 
protection -- GDPR compliance in particular.

Therefore, I am circulating the abstract for a possible presentation of 
the BPR4GDPR ontologies to the group; if there is interest, I can give 
the presentation during one of the forthcoming telcos.

Please find the abstract below (figures are in the attachment):


The H2020 BPR4GDPR project aims at bringing about a new GDPR compliance 
paradigm, by providing the tools and methodologies that will facilitate 
the implementation of the appropriate technical and organisational 
measures, particularly by SMEs. In this context, it provides various 
types of tools, including mechanisms for the automatic verification and 
re-engineering of Business Processes towards becoming compliant, as well 
as appropriate run-time components for enforcing compliance requirements.
The ground of the BPR4GDPR solutions consists of a set of ontologies 
that essentially constitute a comprehensive model of the GDPR basic 
concept and requirements. The most important ontological models are the 
following:
-- Information Model Ontology: It incorporates all fundamental concepts, 
including personal data types, purposes, operations, roles, 
organisations, machines, context, etc.; Figure 1 depicts a high-level 
diagram of classes, whereas Figure 2 illustrates an example personal 
data graph, highlighting the hierarchical properties.
-- Policy Model Ontology: It provides the appropriate ontological 
structures for the specification of policies, in terms of access and 
usage control rules that associate actors, data, operations, purposes, 
pre-/post-actions and contextual parameters into permissions, 
prohibitions and obligations. Figure 3 presents the diagram of classes.
-- Workflow Model Ontology: Also referred to as the ‘Compliance 
Metamodel’, it constitutes a process modelling approach that enables the 
incorporation of security and privacy constraints into the process 
models. Further, it allows for comprehensively capturing all underlying 
concepts, such as actors, data assets and flows. Figure 4 illustrates 
the high-level diagram of classes.


Best regards,
George.

-- 
Georgios V. Lioudakis
Electrical & Computer Engineer, Dr.-Ing.
ICT abovo Information & Communication Technologies PC
20 Iridanou str, 115 28
Athens, Greece
Tel: +30 210 7238856
Mob: +30 697 3435121
e-mail: georgios.lioudakis@ict-abovo.gr

Attachments

application/pdf attachment: BPR4GDPR_ontologies_--_abstract.pdf

Received on Friday, 11 September 2020 15:47:49 UTC