An empirical study of natural language parsing of privacy policy rules using the SPARCLE policy workbench

Brodie, Carolyn; Karat, Clare-Marie; Karat, John

doi:10.1145/1143120.1143123

Cited by 110 publications

(71 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…They allow to reformulate rules in a way that is still readable for the user and is easier to formalize than NL. In the Business Rules domain, CLs are used in Oracle Policy Modeling Suite 3 , in IBM SPARCLE policy workbench [4]. Other in use controlled languages have been described by RuleSpeak [16], by Atempto Controlled English (http://attempto.ifi.uzh.ch/site/docs/).…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

From Regulatory Texts to BRMS: How to Guide the Acquisition of Business Rules?

Guisse

Fran

Lévy

et al. 2012

Rules on the Web: Research and Applications

View full text Add to dashboard Cite

Abstract. This paper tackles the problem of rule acquisition, which is critical for the development of BRMS. The proposed approach assumes that regulations written in natural language (NL) are an important source of knowledge but that turning them into formal statements is a complex task that cannot be fully automated. The present paper focuses on the first phase of this acquisition process, the normalization phase that aims at transforming NL statements into controlled language (CL), rather than on their formalization into an operational rule base. We show that turning a NL text into a set of self-sufficient and independent CL rules is itself a complex task that involves some lexical and syntactic normalizations but also the restoration of contextual information and of implicit semantic entities to get a set of self-sufficient and unambiguous rule statements. We also present the SemEx tool that supports the proposed acquisition methodology based on the selection of the relevant text fragments and their progressive and interactive transformation into CL rule statements.

show abstract

Section: Related Workmentioning

confidence: 99%

“…SBVR (Semantics of Business Vocabulary and Rules) can be seen as a synthesis of several efforts and a standard independent of English or any natural language. It has been accepted by the OMG (Object Management Group) 4 . We refer to the English version of SBVR CL, namely SBVR Structured English (SBVR-SE).…”

Section: Related Workmentioning

confidence: 99%

From Regulatory Texts to BRMS: How to Guide the Acquisition of Business Rules?

Guisse

Fran

Lévy

et al. 2012

Rules on the Web: Research and Applications

View full text Add to dashboard Cite

show abstract

“…The parameters of external events take values in the following domains: The main domains are defined as follows 8 :…”

Section: Compliancementioning

confidence: 99%

“…However our main target is the definition of privacy policies (by subjects as well as controllers) and their correct implementation (as opposed to the analysis or translation of regulations in [6], [7] and [26]). We also share with the Sparcle project ( [8] and [17]) the objective of assisting users to edit privacy policies expressed in a natural language but the user interface issues have been left outside the scope of this paper.…”

Section: Related Workmentioning

confidence: 99%

A Formal Privacy Management Framework

Métayer

2009

Formal Aspects in Security and Trust

View full text Add to dashboard Cite

Privacy is a complex issue which cannot be handled by exclusively technical means. The work described in this paper results from a multidisciplinary project involving lawyers and computer scientists with the double goal to (1) reconsider the fundamental values motivating privacy protection and (2) study the conditions for a better protection of these values by a combination of legal and technical means. One of these conditions is to provide to the individuals effective ways to convey their consent to the disclosure of their personal data. This paper focuses on the formal framework proposed in the project to deliver this consent through software agents. Context and MotivationsIn the same way as the growing use of photography at the end of the 19th century prompted Warren and Brandeis seminal paper [31], the changes imposed nowadays by information and communication technologies require a deep reflection on the fundamental values underlying privacy and the best way to achieve their protection [15,27]. Furthermore a multidisciplinary approach is necessary to tackle this challenge because privacy can neither be apprehended nor guaranteed by exclusively legal or technical means. As a step in this direction, the collaborative project PRIAM 1 gathers lawyers and computer scientists with the goal of putting forward a common view of privacy for pervasive computing and effective (legal and technical) instruments to protect it.

show abstract

“…Past applications of NLP have sought to parse privacy policies into machine-readable representations (Brodie et al, 2006) or extract subpolicies from larger documents (Xiao et al, 2012). Machine learning has been applied to assess certain attributes of policies (Costante et al, 2012;Ammar et al, 2012;Costante et al, 2013;Zimmeck and Bellovin, 2013).…”

Section: Introductionmentioning

confidence: 99%