Natural Language Processing of Rules and Regulations for Compliance in the Cloud

  • Nick Papanikolaou
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7566)


We discuss ongoing work on developing tools and techniques for understanding natural-language descriptions of security and privacy rules, particularly in the context of cloud computing services. In particular, we present a three-part toolkit for analyzing and processing texts, and enforcing privacy and security rules extracted from those texts. We are interested in developing efficient, accurate technologies to reduce the time spent analyzing and reasoning about new privacy laws and security rules within the enterprise. We describe the tools we have developed for semantic annotation, and also for information extraction - these are specifically intended for analysis of cloud terms of service, and therefore designed to help with self-compliance; however, the techniques involved should be generalizable to other relevant texts, esp. rules and regulations for data protection.


Cloud Computing Cloud Service Natural Language Processing Service Level Agreement Cloud Service Provider 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ong, V.: An Architecture and Prototype System for Automatically Processing Natural-Language Statements of Policy. Thesis, Naval Postgraduate School, Monterey, California (2001)Google Scholar
  2. 2.
    Manning, C.D., Schutze, H.: Foundations of Statistical Natural Language Processing. MIT Press (1999)Google Scholar
  3. 3.
    Breaux, T.D., Vail, M.W., Antón, A.I.: Towards Regulatory Compliance: Extracting Rights and Obligations to Align Requirements with Regulations. In: Proceedings of 14th IEEE International Requirements Engineering Conference, RE 2006 (2006)Google Scholar
  4. 4.
    Cunningham, H., Maynard, D., Bontcheva, K., Tablan, V., Aswani, N., Ro-berts, I., Gorrell, G., Funk, A., Roberts, A., Damljanovic, D., Heitz, T., Greenwood, M.A., Saggion, H., Petrak, J., Li, Y., Peters, W.: Text Processing with GATE (Version 6). Department of Computer Science, University of Sheffield (2011)Google Scholar
  5. 5.
    May, M., Gunter, C., Lee, I., Zdancewic, S.: Strong and Weak Policy Relations. In: Proceedings of the 2009 IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY 2009), pp. 33–36. IEEE Computer Society, Washington, DC (2009)CrossRefGoogle Scholar
  6. 6.
    Papanikolaou, N., Creese, S., Goldsmith, M.: Refinement checking for privacy policies. Science of Computer Programming (2011) (article in press), doi:10.1016/j.scico, 07.009Google Scholar
  7. 7.
    Casassa Mont, M., Pearson, S., Creese, S., Goldsmith, M., Papanikolaou, N.: A Conceptual Model for Privacy Policies with Consent and Revocation Requirements. In: Fischer-Hübner, S., Duquenoy, P., Hansen, M., Leenes, R., Zhang, G. (eds.) Privacy and Identity 2010. IFIP AICT, vol. 352, pp. 258–270. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  8. 8.
    Pearson, S., Casassa Mont, M., Kounga, G.: Enhancing Accountability in the Cloud via Sticky Policies. In: Lee, C., Seigneur, J.-M., Park, J.J., Wagner, R.R. (eds.) STA 2011 Workshops. CCIS, vol. 187, pp. 146–155. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  9. 9.
    Bradshaw, S., Millard, C., Walden, I.: Contracts for Clouds: Comparison and Analysis of the Terms and Conditions of Cloud Computing Services. Queen Mary University of London, School of Law Legal Studies Research Paper No. 63/2010 (2010), (accessed May 14, 2012)
  10. 10.
    Breaux, T.D., Gordon, D.G.: Regulatory Requirements as Open Systems: Structures, Patterns and Metrics for the Design of Formal Requirements Specifications. Technical Report CMU-ISR-11-100, Institute for Software Research, Carnegie-Mellon University (2011), (accessed May 14, 2012)

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Nick Papanikolaou
    • 1
  1. 1.Cloud and Security LabHP LabsBristolUK

Personalised recommendations