Um catálogo de padrões de requisitos de privacidade baseado na lei geral de proteção de dados pessoais

Detalhes bibliográficos
Ano de defesa: 2024
Autor(a) principal: Carneiro, Cinara Gomes de Melo lattes
Orientador(a): Bulcão Neto, Renato de Freitas lattes
Banca de defesa: Bulcão Neto , Renato de Freitas, Vincenzi , Auri Marcelo Rizzo, Alencar, Wanderley de Souza
Tipo de documento: Dissertação
Tipo de acesso: Acesso aberto
Idioma: por
Instituição de defesa: Universidade Federal de Goiás
Programa de Pós-Graduação: Programa de Pós-graduação em Ciência da Computação (INF)
Departamento: Instituto de Informática - INF (RMG)
País: Brasil
Palavras-chave em Português:
Palavras-chave em Inglês:
Área do conhecimento CNPq:
Link de acesso: http://repositorio.bc.ufg.br/tede/handle/tede/13582
Resumo: [Context] Currently, Brazilian companies are concerned about protecting the personal data of their customers and employees to ensure the privacy of these individuals. This concern arises from the fact that personal data protection is an obligation imposed by the General Data Protection Law (LGPD). Since most organizations store this data digitally to carry out various operations, software must comply with the current legislation. [Problem] According to recent research, a large portion of professionals in the software industry do not have comprehensive knowledge of privacy requirements or the LGPD. [Objective] The objective of this work is to construct and evaluate a Catalog of Privacy Requirement Patterns (CPRP) based on the LGPD. [Method] A method for syntactic analysis of the articles composing the LGPD was defined to extract privacy requirements. These requirements were converted into requirement patterns (RP) using a method for constructing RP catalogs based on the grammar of the Software Pattern Metamodel (SoPaMM), with the support of the Terminal Model Editor (TMed) tool. Finally, two experts in LGPD and Software Engineering evaluated the completeness and correctness of the developed catalog concerning the legislation. [Contributions] The conversion of legal requirements into privacy RPs can assist professionals in eliciting and specifying requirements, as privacy requirements can be reused in various contexts with minor or any modifications.